At EBANX, you’ll help expand access to payments and technology in some of the world’s most dynamic markets. We’re a unicorn-status fintech, AI-powered, and scaling fast across 29 countries and counting.
Our platform connects leading global companies to more than 1 billion consumers, enabling seamless cross-border payments where it matters most. We build with purpose, move with speed, and create solutions that are both innovative and inclusive.
If you’re looking to be part of a company that’s transforming the future of payments with clarity, ambition, and real-world impact — we’d love to meet you.
Responsibilities
- Lead and develop a high-performing Information Security team focused on Risk Management and Security Governance;
- Drive the identification, assessment, prioritization, and treatment of information security risks, ensuring clear visibility and effective communication of risk exposure to senior leadership;
- Oversee the implementation, maintenance, and continuous improvement of compliance programs and certifications, including ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 27018, and PCI DSS;
- Define and maintain the Information Security governance framework, including policies, standards, procedures, and control oversight;
- Coordinate internal and external audits, security assessments, and the execution of remediation and risk treatment plans;
- Define, monitor, and report security KPIs, KRIs, and program effectiveness metrics, providing actionable insights to business and executive stakeholders;
- Drive the organization's security awareness and culture strategy through training programs, phishing simulations, targeted campaigns, and employee engagement initiatives;
- Partner with cross‑functional teams (Legal, Risk, HR, Engineering, Product, and Compliance) to embed security and risk management practices into business processes and strategic initiatives;
- Ensure security requirements are incorporated into new products, services, vendors, and third‑party relationships from the earliest stages of engagement;
- Provide regular reporting on security governance, compliance status, risk landscape, and strategic initiatives to leadership and relevant governance forums;
- Foster a culture of accountability, continuous improvement, and security‑first decision‑making across the organization.
Qualifications
- Proven experience leading teams, with the ability to motivate, coach, and develop people;
- Strong expertise in Information Security Risk Management, including risk identification, assessment, prioritization, treatment, and executive‑level reporting;
- Deep knowledge of Information Security Governance and Compliance, including risk management, internal controls, and security frameworks;
- Hands‑on experience with global standards and certifications such as ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 27018, and PCI DSS;
- Strong communication skills, with the ability to translate technical risks into business impacts for both technical and executive audiences;
- Proven track record managing audits, assessments, and external regulatory demands;
- Analytical mindset with a business‑oriented approach, connecting security decisions, risk exposure, and compliance requirements with strategic goals;
- Experience designing and running awareness programs that go beyond checklists and truly shift culture;
- Passion for innovation and AI‑driven efficiency, with a proactive approach to leveraging AI and automation to optimize processes, reduce operational overhead, and enhance operational effectiveness;
- Advanced English – you’ll often interact with international stakeholders.
Bonus Points
- Advanced certifications in Information Security, Risk Management, or Governance, such as ISO/IEC 27001 Lead Auditor/Lead Implementer, CRISC, CISM, CISSP, or similar;
- Experience working in global or multicultural environments, with distributed teams and international operations;
- Familiarity with additional governance and risk frameworks such as NIST CSF, COBIT, SOX, or third‑party risk management programs;
- Knowledge of cloud security standards (e.g., AWS, GCP, Azure) and secure development practices;
- Hands‑on experience with awareness platforms (e.g., KnowBe4, Wombat, MetaCompliance) and phishing simulation tools;
- Experience presenting security and risk topics to executive committees, boards, or senior leadership forums;
- Previous involvement in security incident response, including coordination and post‑incident reviews;
- Passion for building a security culture, storytelling, and engaging people in non‑technical areas;
- Hands‑on experience using Artificial Intelligence (AI) or Machine Learning to automate governance processes, enhance risk analysis, streamline controls management, or improve compliance monitoring.
Benefits
- WAVES Program: Annual bonuses based on the company’s performance.
- Meal/Food Allowance: Credit provided on a flexible benefits card.
- EBANX Education: Financial support for undergraduate, graduate, and MBA programs to support your professional growth.
- EBANX Skills: Budget dedicated to workshops, courses, and certifications to encourage your continuous development.
- Language Classes: Spanish, English, and Portuguese lessons for your personal and professional development.
- EBANX Health: Comprehensive medical and dental plans fully covered for the employee, plus subsidies for dependents to take care of your and your family’s well‑being.
- EBANX Family: Childcare assistance, extended parental leave for caregivers, and support programs for pregnant employees and children.
- Life Insurance: Fully paid by EBANX.
- Transportation: Parking assistance or transportation vouchers, depending on your needs.
- EBANX Flexible: A special day off on your birthday, semi‑flexible working hours (8 hours/day, Monday to Friday), and year‑end recess between Christmas and New Year’s without affecting your vacation days.
- EBANX Play: Well‑being program including access to Wellhub, e‑Sports, and partnerships with SESC.
- Blue Club: Exclusive discounts at bakeries, restaurants, stores, courses, and more.
We believe it is possible to create a diverse, equal and inclusive environment.
