Tech Manager – Cyber Security

📋 Description

• Lead and cultivate the IAM (Identity and Access Management), Security By Design, and Anti-Fraud & Revenue Protection teams, promoting technical excellence, collaboration, mentorship, and professional development.

• Define, execute, and enhance VOLL’s Cyber Security strategy, ensuring alignment with business goals, product roadmap, and the company’s risk tolerance.

• Establish and oversee the IAM program, guaranteeing identity lifecycle management, access controls (RBAC/ABAC), least privilege principles, MFA, SSO, and regular access reviews.

• Implement and advocate for Security By Design and Secure SDLC practices throughout Engineering and Product teams, including threat modeling, secure architecture assessments, SAST/DAST/SCA, and security checkpoints in the CI/CD pipeline.

• Drive the Anti-Fraud and Revenue Protection strategy by defining rules, models, and metrics for fraud prevention, detection, and response, aimed at mitigating financial losses and safeguarding company revenue.

• Define and monitor security OKRs, KPIs, and KRIs (control coverage, time to remediation, exposure, losses prevented, maturity) while reporting results to the executive board.

• Manage budget, roadmap, vendors, and strategic partnerships for the areas under your purview, ensuring operational efficiency and return on investment.

• Support audit, compliance, and certification processes (LGPD, ISO 27001, SOC 2, PCI-DSS when applicable), ensuring adherence to regulations.

• Act as the technical and executive point of reference for security and fraud incidents, directing crisis response, stakeholder communication, and continuous improvement initiatives.

• Keep abreast of trends, emerging threats, and new technologies, promoting ongoing innovation and a security-focused culture throughout the organization.

⛳️ Requirements

• Bachelor’s degree in Computer Science, Engineering, Information Systems, Information Security, or related fields (postgraduate/MBA is an advantage).

• Proven track record in Cyber Security with a strong background in leading and managing technical teams.

• Practical experience in IAM, Application Security / Security By Design, and Anti-Fraud & Revenue Protection.

• Extensive knowledge of security and privacy frameworks and standards: ISO/IEC 27001, ISO 27701, NIST CSF, CIS Controls, OWASP (Top 10, ASVS, SAMM), PCI-DSS, and LGPD.

• Experience with cloud environments (AWS, Azure, or GCP), modern architectures (microservices, APIs, containers/Kubernetes), and DevSecOps practices.

• Familiarity with threat modeling, risk assessment, and Secure SDLC.

• Capability to define and track strategic indicators (OKRs, KPIs, KRIs) and present results to C-level executives.

• Exceptional communication, business acumen, influencing skills, and a data-driven approach to decision-making.

• Intermediate to advanced English proficiency (technical reading, meetings, and documentation).

🏝️ Benefits

• Meal/food allowance provided on a Flash card.

• SulAmérica Medical and Dental plan.

• Total Pass.

• Home office allowance loaded onto the Flash card.

• Mental health support through VOLL Care.

• Educational assistance via VOLL Education.

• Group life insurance.

• 6-month maternity leave.

• 30-day paternity leave (our parental leave policy is inclusive of same-sex couples).

• Vacation eligibility begins after 6 months.

• Day off.