Senior Security Governance and Risk Consultant

📍 São Paulo - SP Published 25/11/2025 Area: Senior Security Governance and Risk Consultant

About the job

Location: State of São Paulo - São Paulo, Brazil, TELECOMMUTE, State of São Paulo, Brazil Format: Remote

Responsibilities

  • Lead the planning, execution, and delivery of security governance and risk management projects for clients across various industries.
  • Conduct security maturity assessments based on established frameworks (e.g., NIST CSF, CIS Controls, ISO/IEC 27001), and identify gaps, risks, and areas for improvement.
  • Design, implement, and maintain Information Security Management Systems (ISMS) in compliance with ISO 27001 or other relevant standards.
  • Develop and manage Information Security Master Plans (PDSI), aligning security strategy with business objectives.
  • Execute Third Party Cyber Risk Management (TPCRM) processes, including due diligence assessments, vendor risk scoring, and remediation planning.
  • Lead or support cybersecurity audits and regulatory compliance reviews (e.g., LGPD, GDPR, SOX).
  • Provide guidance and recommendations to clients on risk mitigation strategies, security policies, procedures, and controls.
  • Collaborate with cross-functional teams (Legal, IT, Compliance, Procurement, etc.) to embed security governance into broader business processes.
  • Conduct occasional on-site visits to clients or third parties as required by project needs.
  • Deliver executive-level reporting and presentations on risk posture, findings, and strategic recommendations.
  • Mentor junior consultants and support internal capability development within the GRC team.
  • Stay up to date with emerging threats, regulatory changes, and industry trends to continuously enhance client value and service delivery.

Requirements

  • Deep understanding of security frameworks, regulations, and cybersecurity compliance requirements (e.g., NIST, CIS, ISO/IEC 27000).
  • Proven track record of leading and delivering complex security projects with direct client interaction.
  • Experience with risk assessment tools and methodologies is a plus.
  • Strong analytical, organizational, and problem-solving skills.
  • Excellent interpersonal and communication abilities, with the capability to convey complex topics in a clear and concise manner.
  • Certifications such as CISSP, CISM, CRISC, or similar are strongly preferred.
  • Comfortable working in remote environments while maintaining high engagement and collaboration with clients and teams.

Nice to have

  • Fluency in Portuguese and English.

About the company

Tenchi is a Cyber Security company building innovative technology focused on Third-Party Cyber Risk Management for businesses. Founded by serial entrepreneurs and supported by solid institutional investors, we are driven to disrupt this fast-growing industry. Tenchi was created to tackle a real challenge: companies often face security risks because their third-parties don't maintain the same level of cyber protection. This gap leaves even the largest organizations potentially vulnerable to incidents they can't directly control. That's exactly where we step in. Our TPCRM SaaS solution, Zanshin, is the only global TPCRM solution that offers both inside-out and outside-in visibility - combining external attack surface monitoring with automated, continuous, and non-intrusive assessments of cloud infrastructure (IaaS, PaaS, SaaS) and security controls.