Lead Security Engineer (GRC)

TL;DR

Lead Security Engineer (GRC): Defining security governance strategies and managing compliance for a global financial platform with an accent on ISO 27001, PCI-DSS, and regulatory alignment. Focus on identifying control gaps, orchestrating audits, and leveraging AI/automation to scale security maturity across engineering and business units.

Location: Must be based in or able to commute to Belo Horizonte, Campinas, Rio de Janeiro, or Sao Paulo

Company

hirify.global is one of the world's largest digital banking platforms, dedicated to simplifying financial services for millions of customers across Brazil, Mexico, and Colombia.

What you will do

• Act as a senior technical reference for security, certifications, and internal controls.
• Identify and remediate control gaps in technical procedures for ISO 27001 and PCI-DSS compliance.
• Partner with business and technical leaders to orchestrate scalable audits and risk-based remediation plans.
• Collaborate with engineering, product, and IT teams to embed security requirements into systems and processes.
• Define and monitor KRIs and KPIs to provide data-driven insights to leadership.
• Drive continuous improvement of security maturity and simplify processes as the company scales.

Requirements

• Advanced English proficiency (written and verbal) is required
• Solid experience in information security with deep knowledge of PCI-DSS, ISO 27000, and NIST frameworks.
• Proven track record in security certification, internal controls, compliance, and audit support.
• Experience in regulated and global environments interacting with auditors and regulators.
• Strong background in cloud environments such as AWS or GCP.
• Familiarity with AI and automation tools to enhance security compliance use cases.

Nice to have

• Relevant certifications such as CRISC, CISA, Security+, CISSP, or CISM.
• International work experience.

Culture & Benefits

• Equity opportunities at hirify.global.
• Comprehensive health, dental, and life insurance plans.
• NuCare support program for psychological, financial, and legal assistance.
• NuLanguage and Nucleo platforms for continuous learning and language development.
• 30 days of paid vacation and extended parental leave with daycare allowance.
• Hybrid work model with a provided work-from-home allowance.