Position Summary: We are seeking an Information Security Specialist to lead from the business side, ensuring that digital transformation and cloud projects comply with corporate standards and controls. Key Highlights: 1. Lead security for digital transformation, cloud, and e-commerce projects. 2. Ensure compliance with ISO 27001, NIST CSF, COBIT, SOC 2, PCI DSS, GDPR/LPDP. 3. Drive implementation of IAM, DLP, Cloud Security, and DevSecOps. At Stefanini, we seek an Information Security Specialist to lead from the business side and ensure that digital transformation, cloud, and e-commerce projects meet standards, regulatory frameworks, and corporate controls protecting confidentiality, integrity, availability, and legal compliance of information. **Responsibilities and Authorities** * Serve as the strategic liaison among business, technology, and security, promoting security culture and governance. * Ensure compliance with and adoption of frameworks/standards: ISO 27001, NIST CSF, COBIT, SOC 2, PCI DSS, GDPR/LPDP. * Support new projects by ensuring security governance, defining controls, and maintaining traceability. * Assess security risks in software, cloud, and e-commerce; propose remediation plans. * Coordinate security testing: penetration tests, ethical hacking, and secure code reviews. * Drive and implement IAM, DLP, Cloud Security, and DevSecOps controls; integrate with SIEM and monitoring. * Support vendor audits and due diligence. * Translate technical risks into business language to support decision-making. **Experience** * 5 years in information security, including at least 3 years participating in digital transformation, retail, banking, or similar projects. * Demonstrated experience in: * Implementing frameworks: ISO 27001, NIST CSF, SOC 2, PCI DSS. * Assessing security risks in on-premises and cloud projects. * Coordinating penetration tests/ethical hacking and secure code reviews. * Implementing IAM, DLP, Cloud Security, and DevSecOps controls. **Requirements and Qualifications** **Academic Requirements** * Degree in Systems Engineering, Computer Science, Telecommunications, or related fields. * Specialization or certification in Information Security, Cybersecurity, or Risk Management. **Technical Knowledge** * IT and security risk management. * Regulatory requirements and international standards: ISO 27001, NIST, COBIT, GDPR/LPDP. * Cloud security: emphasis on AWS and Azure (GCP desirable). * Change management and project governance methodologies. * Secure architectures: Zero Trust, DevSecOps, CI/CD. * Monitoring tools, SIEM, and compliance solutions. * Experience in vendor audits and due diligence. **Additional Information** * Critical and strategic thinking; results-oriented. * Clear and assertive communication (translates technical risks into business terms). * Collaborative leadership with business, development, and IT teams. * Ethics and reliability; responsible handling of sensitive information. * Resilience and pressure management; continuous learning. * Service orientation, active listening, and empathy. * Generative AI knowledge * Banking sector knowledge Are you looking for a place where your ideas shine? With over 38 years of experience and a global presence, at Stefanini we transform tomorrow—together. Here, every action matters and every idea can make a difference. Join a team that values innovation, respect, and commitment. If you are a disruptive individual, committed to continuous learning, and innovation is in your DNA, then we are what you’re looking for. Come and let’s build a better future—together!