
DPO, CISO – Information Security and Privacy
Rox Partner
full-time
Location Type: Hybrid
Location: São Paulo • Brazil
About the role
- Lead the company's Information Security and Cybersecurity strategy.
- Maintain and evolve the ISMS in accordance with ISO/IEC 27001.
- Act as the Data Protection Officer (DPO) before the ANPD, ensuring compliance with the LGPD.
- Define, review and ensure adherence to security and privacy policies.
- Plan and conduct internal audits and support external audits.
- Design, operate and evolve the SOC (internal or outsourced).
- Define and execute monitoring, vulnerability management and incident response processes.
- Act directly on critical incidents (log analysis, containment, eradication and recovery).
- Manage security tools such as SIEM, EDR/XDR, Firewall, WAF, IAM, DLP and CASB.
- Conduct DPIA/RIPD and manage privacy incidents.
- Serve as the technical and executive interface with clients, partners, auditors and regulatory bodies.
Requirements
- Degree in IT, Information Security, Engineering or related fields
- Solid experience in Information Security and Cybersecurity
- Mandatory knowledge of ISO/IEC 27001 and LGPD
- Experience with SOC, SIEM, EDR/XDR and incident response
- Knowledge of cloud security (AWS, Azure or GCP)
- Experience with NIST, CIS and MITRE ATT&CK frameworks
- Certifications such as ISO 27001 Lead, CISSP, CISM, CDPO, CEH, GCIH
- Experience with audits and regulated environments
- Hands-on profile with strategic and executive vision
Benefits
- Hybrid work – Monday to Friday (9:00 AM to 6:00 PM)
- Home-office allowance – R$300.00 per month credit on an iFood card for meals/food
- Birthday – Rox rewards you with a gift card and a day off to celebrate your special day
- Blog – We encourage knowledge sharing; for every 2 approved articles on the Rox blog you publish, you earn a day off
- Courses – Full access to RoxSchool, Alura, Pluralsight and O'Reilly for books and talks
- Certifications – Certification reimbursement up to R$300.00 (TECHNOLOGY) plus a R$300.00 bonus per certification achieved from these providers
- Psychologist support – Two psychotherapy sessions monthly covered by ROX with partner psychologists
- Feedz partnership – Gamified platform to improve communication and track sentiment, engagement, feedback, IDP and performance
- WellHub (Gympass) – Partnership with gyms and health & wellness apps
- We provide work equipment.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Information Security, Cybersecurity, ISO/IEC 27001, LGPD, SOC, SIEM, EDR, XDR, incident response, cloud security
Soft Skills
strategic vision, executive vision, interpersonal skills, communication skills, leadership
Certifications
ISO 27001 Lead, CISSP, CISM, CDPO, CEH, GCIH