Tackling the complex banking system to empower people in one of the most bureaucratic markets in the world seems like a crazy idea, right? But that's why, how, and where Nubank was born. We fight complexity through our transparent and straightforward products and experiences: a no-fee credit card, a rewards program, a lending platform, and a digital savings account. In a nutshell, we are the most innovative tech company in Latin America, and we are obsessed with building financial services and products that make our customers love us fanatically. With over 30 million customers and $1.2 billion raised in investment rounds, we are the fastest growing digital bank in the world, with offices in Brazil, Germany, Mexico, and Argentina. And it's still only Day One for us!
The Information Security Officer (ISO) ensures the confidentiality, integrity, and availability of information and systems. Responsibilities include; offering guidance, best practices, and support across businesses, leading risk and regulatory reviews, identifying threats, and communicating with senior leaders and other stakeholders, coordinating Information Security awareness and education programs. Additionally, the ISO ensures a Business Unit system-wide disaster recovery and incident response plans are in place.
As an Information Security Officer, you’re expected to:
- Act as the first line of defense for information security. Be a trusted advisor to the business and engagement point for all information security matters to help avoid taking unnecessary security risks. Define security control requirements and plan to implement them.
- Develop an Information Security strategy and drive alignment with business goals, regulatory compliance and ensure confidentiality, integrity, availability, safety, and privacy of assets.
- Participate in the definition, verify the implementation and continuous compliance of policies and procedures referred by the Central Bank of Mexico (BANXICO) and National Banking and Value Commission (CNBV).
- Verify periodically controls over Technological Infrastructure, the chain of custody, and role-based access control
- Maintain the governance and procedures for vulnerability management program aligning both Corporate and Regulatory requirements.
- Design, maintain, and test procedures to manage information security incidents that ensure the correct identification, contention, and evidence collection.
- Define, maintain, and where pertinent align regulatory requirements over procedures that support the scope for both internal and external audits.
- Manage operational risk for payment & transfer methods through its lifecycle (identification, monitoring, and mitigation).
- Define or contribute to technical security compliance roadmaps
- Develop and coordinate Information Security-related training and awareness programs for all Mexico BU employees.
- Strong leadership skills with exceptional communication and presence.
- Advanced knowledge of regulations and control environment.
- Knowledge of multiple IT controls, project management practices, and experience working across large environments.
- Ability to collaborate with high-performing teams and individuals throughout Nubank to accomplish common goals.
- Demonstrated experience in working and interacting with regulators and auditors.
- Proficiency in Information Security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems. development lifecycle, vulnerability management, and data protection
- Experienced understanding and knowledge of common industry Information Security frameworks standards, and methodologies including ISO2700x series, PCI DSS, OWASP, CIS, and NIST standards.
- Advanced English, written and spoken.
- Spanish native speaker.
- Health and life insurance
- Dental and vision plans
- 15 days of paid vacations with 25% bonus
- Aguinaldo (30 days)
- Yearly performance-based bonus in Restricted Stock Units
- NuLanguage - Our language learning program
- Extended maternity and paternity leaves
- Physical location amenities
- Food card
Diversity and Inclusion at Nu
We want to build products and experiences for everyone who wants to take back control over their finances, that's why we build strong and diverse teams that rise up to the challenge. We are a team of the most creative people in technology, and we hire under equal opportunity, irrespective of gender, ethnicity, religion, sexual orientation or background. We are proud to say that 30% of our team recognize themselves as part of the LGBTQ+ community, and 40% of our team identify as women, in all positions and seniority levels. We are a very process-light organization that values human interactions, and that is a very important part of our culture. At Nu, everyone has the opportunity to speak up and participate, grow and share ideas.