Clicksign

Head of Information Security

Clicksign

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇧🇷 Brazil

Visit company website
AI Apply
Apply

Job Level

Lead

Tech Stack

AWSCloud

About the role

  • Develop and implement a strategic vision for information security aligned with business objectives and focused on continuous improvement of the area's processes and controls.
  • Lead the Information Security team to work in partnership with all other areas of the company.
  • Manage contracts, assets and services related to information security, ensuring optimal efficiency.
  • Monitor security trends and innovations, keeping the Information Security management system (ISMS) up to date.
  • Define information security standards and policies aimed at protecting information assets and ensuring business continuity.
  • Ensure regulatory compliance applicable to the company and adherence to industry best practices.
  • Collaborate with technology teams to define and implement effective strategies for integrating security across the development lifecycle, from design to operation.
  • Plan and implement processes and monitoring activities to mitigate risks and address potential threats.
  • Analyze and respond to information security incidents, map threats and vulnerabilities, and develop projects to prevent or remediate them.
  • Ensure the development and quality of security testing routines for the IT technologies adopted by the company.
  • Lead the training and awareness program to foster a strong security culture within the company.
  • Provide support for internal and external audits.
  • Evaluate and monitor security KPIs, keeping senior leadership informed about the maturity of the information security program.
  • Respond to requests and support the provision of the company's ISMS information to our clients and other stakeholders whenever necessary.

Requirements

  • More than 5 years of experience leading information security projects, preferably in technology companies or digital product companies.
  • Experience conducting assessments for ISO 27001 and ISO 27701.
  • Strong knowledge of cloud security, especially AWS and Google Cloud.
  • Familiarity with information security standards, frameworks and best practices, such as application security testing (AST), NIST, CIS, ISO 27001 and OWASP.
  • Experience in secure development and knowledge of security engineering.
  • Knowledge of DevSecOps best practices and methodologies.
  • Risk management skills and a pragmatic mindset.
  • Security certifications are desirable.
  • Strong verbal and written communication skills, including demonstrated ability to prepare high-quality documentation and presentations for technical and non-technical audiences, including C-level and Board of Directors.
  • Ability to communicate in English (written and spoken).
Benefits
  • 100% remote work.
  • A culture of trust, focused on results with many challenges and learning opportunities.
  • Autonomy and ownership in a collaborative and empathetic environment.
  • A culture of feedback and regular 1:1s with a human leadership style and no micromanagement.
  • Comprehensive benefits such as meal/food allowance, childcare assistance, home office allowance, health, education and culture benefits, Gympass, birthday day off, discounts on therapy and English courses, among other partnerships.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
information securitycloud securityISO 27001ISO 27701application security testingNISTCISOWASPDevSecOpsrisk management
Soft skills
leadershipcommunicationcollaborationtraininganalytical thinkingproblem-solvingpragmatic mindsetdocumentationpresentation skillsteamwork
Certifications
security certifications