💼 About This Role

You'll lead cybersecurity and incident response for a regulated crypto-asset exchange in Brazil, ensuring compliance with Central Bank regulations. You'll build and oversee the security operations function, protect cryptographic key infrastructure, and integrate security into the risk framework. This role carries statutory regulatory responsibility and requires registration with the Central Bank of Brazil.

🎯 What You'll Do

• Design and maintain Cybersecurity Policy, Incident Response Plan, and Cloud Services Contracting Policy
• Oversee private key protection and custody architecture (cold/hot/warm wallets, MPC, multisig, HSM)
• Lead security operations (SOC/SIEM, threat intelligence, vulnerability management, pentests, red-team)
• Ensure timely incident reporting to BCB, ANPD, and other authorities; coordinate post-incident remediation

📋 Requirements

• 10+ years of cybersecurity experience with 5+ years in leadership within financial institutions, fintechs, or crypto exchanges
• Hands-on expertise in cryptographic key management, blockchain security, cloud security (AWS/GCP), SOC operations, DLP, IAM/PAM, and incident response
• Working knowledge of BCB Resolution 85/2021, BCB Resolution 520/2025, LGPD, ISO 27001, NIST CSF 2.0, and PCI DSS
• Industry certifications such as CISSP, CISM, CCSP, CCSK, or CISA

✨ Nice to Have

• Prior experience as a statutory officer in a BCB or CVM-regulated institution
• Experience supporting a BCB authorisation process or implementing a cybersecurity programme from scratch
• Direct experience in crypto-asset exchanges, custodians, or wallet providers

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Call· 30 min
2. 2Technical Interview· 60 min
3. 3Executive Interview· 45 min