We are seeking a highly skilled and strategic Senior Security Architect to design and implement robust security frameworks, conduct threat assessments, manage improvement initiatives, and ensure compliance with relevant regulations.
This role will be pivotal in maintaining and advancing the security posture of the bank.Key ResponsibilitiesSecurity Strategy Development: Define and continuously enhance the security strategy, aligning it with organizational goals and regulatory requirements.Project Management: Lead and manage security enhancement projects including vulnerability assessments and penetration testing.Threat Intelligence: Conduct regular threat analyses to proactively address emerging risks.Compliance: Ensure adherence to banking regulations and data protection laws (PSD2, EBA, GDPR).Required Skills and QualificationsBachelor's degree in Computer Science, Information Systems, Electrical Engineering, or related fields.Minimum 5 years of experience in information security, including roles as an architect or engineer.Proven expertise in security strategies across on-premises and cloud platforms (AWS, Azure, GCP).
In-depth knowledge of IAM and network security architecture.Experience with security operations, SIEM tools, and incident response.
Skilled in SDLC processes and application security best practices.Hands-on scripting in Python or PowerShell for automation tasks.Proficient in securing Linux, Windows, and macOS environments.Deep understanding of regulatory frameworks and compliance standards.Strong leadership, communication, and project management capabilities.Fluent in Portuguese (C1) and proficient in English (B1 or above).Nice-to-Have QualificationsSecurity certifications (e.g., CISSP, CISM, Microsoft Cybersecurity Architect Expert, CompTIA Security+, SSCP, GIAC, TOGAF, SABSA).Experience in penetration testing and ethical hacking (e.g., OSCP).Risk management credentials (e.g., ISO 27005, FAIR).
Background in security control automation and compliance monitoring.Knowledge of third-party and vendor risk management.Familiarity with Zero Trust architecture, data security, DLP, and advanced tech like AI/ML, blockchain, and IoT.Understanding of the banking and financial services industry.