Bellinati Perez

Information Security Manager – GRC

full-time

Location Type: Hybrid

Location: Curitiba, Brazil

About the role

  • Manage and evolve the Information Security Management System (ISMS) and support the Information Privacy Management System (PIMS).
  • Ensure ongoing compliance with ISO/IEC 27001 and ISO/IEC 27701 standards.
  • Lead information security and privacy risk management processes, including identification, assessment, treatment and monitoring.
  • Coordinate internal, external and client audits, ensuring the quality of evidence and responses.
  • Manage non-conformities, corrective actions and continuous improvement initiatives.
  • Ensure SLAs are met when responding to client security and privacy questionnaires.
  • Lead supplier and partner security assessments, including analysis and tracking of contractual requirements.
  • Define and maintain corporate policies, standards and procedures for information security and data protection.
  • Develop and monitor KPIs and executive reports to track maturity and security risks.
  • Promote security awareness programs and foster an information security culture across the organization.
  • Lead, mentor and develop the Information Security Governance team.
  • Create and oversee technical and professional development plans for the team.
  • Set priorities, assign tasks and monitor team deliverables.
  • Encourage continuous improvement and maturity of governance practices across the organization.
  • Serve as a technical and strategic point of reference for the team and other business areas.

Requirements

  • Bachelor’s degree in a technology field such as Information Security, Computer Science, Information Systems or related areas.
  • Experience in Information Security Governance and managing security frameworks.
  • Experience implementing and maintaining ISO/IEC 27001 and/or ISO/IEC 27701.
  • Experience conducting internal, external and client audits.
  • Experience managing technical teams.
  • Knowledge of risk management, vendor management and security compliance.
  • Strong communication skills with technical teams, executives and clients.
  • Postgraduate degree or MBA in Information Security, Risk Management or related fields (preferred).
  • Certifications in information security and governance (preferred).
  • Experience with privacy programs and personal data protection.
  • Experience working in audited or highly regulated environments.
  • Experience responding to security audits from large clients.

Benefits

  • Fixed salary.
  • Production-based bonus.
  • Meal allowance of $31.00 per working day.
  • Transportation voucher.
  • Career development plan.
  • Multi-benefit card.
  • Life insurance.
  • SESC partnership/benefit.
  • University partnerships.
  • Corporate university.
  • One day off to relax: “Day Off” on your birthday.
  • Casual dress code — be yourself!
  • Dental plan.
  • Gympass/Wellhub access.
  • Psychological support.
  • On-site medical support available if needed.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools: Information Security Management System (ISMS), Information Privacy Management System (PIMS), ISO/IEC 27001, ISO/IEC 27701, risk management, security compliance, auditing, vendor management, KPI development, data protection

Soft Skills: leadership, communication, mentoring, team management, continuous improvement, strategic thinking, organizational skills, problem-solving, collaboration, fostering security culture

Certifications: certifications in information security, certifications in governance