Job Description
Lead the information security strategy and the Security by Design journey of the CI&T Flow platform. Define and maintain the strategic security roadmap, prioritizing initiatives based on risks and business impact. Coordinate the implementation, maintenance, and audit of ISO 27001 certification and other regulatory compliance requirements. Take part in architecture evaluations with development and platform teams, analyzing technical risks, proposing mitigation solutions, and evaluating impacts with leadership.
Develop and supervise security governance in Artificial Intelligence, ensuring ethical use, traceability, and data protection in solutions based on LLMs. Manage contracts and partners for security services, such as Pentest, SOC, compliance, and technical auditing. Implement security performance and maturity indicators (KPIs/KRIs), reporting evolution and results to executive leadership. Conduct incident response plans, vulnerability assessments, and continuous threat monitoring. Promote secure innovation, integrating DevSecOps practices, control automation, and AI governance. Plan and manage the security budget, balancing risks, priorities, and sustainable growth. Support sales, legal, and customer success teams in risk analysis, contractual clauses, and security communications with customers. Represent the area in executive committees and strategic forums, translating technical risks into business value.
About CI&T
CI&T is a technological transformation specialist, uniting human expertise with AI to create scalable tech solutions.