BISO - Business Information Security Officer

Jobgether · Brazil

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a BISO – Business Information Security Officer based in Brazil.

In this role, you will act as the critical bridge between Information Security and Product & Engineering teams, embedding security directly into the product development lifecycle rather than applying it as a late-stage control function. You will operate at the intersection of risk, technology, and business execution, ensuring that security becomes a natural part of decision-making within fast-moving product squads. This is a highly strategic and collaborative position where you will translate security requirements into practical, product-friendly guidance that enables rather than blocks innovation. You will work embedded within product and engineering environments, participating in daily rituals, planning, and architectural discussions. Your impact will be measured by how effectively security is integrated into development culture and how much trust you build with product teams. This is a foundational role designed to reshape how security and product collaborate at scale.

Accountabilities:

  • Act as the primary and continuous security partner for Product and Engineering teams, ensuring Information Security is embedded throughout the development lifecycle.
  • Participate actively in product rituals, roadmap planning, and technical discussions as an integrated team member rather than an external reviewer.
  • Translate complex security requirements into clear, actionable guidance for engineers, product managers, and technical leaders.
  • Identify, assess, and communicate security risks in a business-oriented way, enabling informed and conscious decision-making across teams.
  • Build and maintain risk treatment plans with product and engineering stakeholders, prioritizing based on business impact and exposure.
  • Facilitate secure access management processes in collaboration with IAM teams, reducing operational friction while maintaining control standards.
  • Support secure-by-design practices, including threat modeling, architecture reviews, and integration of security into development workflows.
  • Promote a security-first culture through continuous education, awareness initiatives, and proactive engagement with product teams.
  • Identify recurring risk patterns and drive systemic improvements across products, platforms, and engineering practices.
  • Requirements:

    • Strong background in Information Security with experience partnering directly with Product, Engineering, or Software Development teams.
    • Solid knowledge of risk management, security governance, and frameworks such as ISO 27001, NIST, or equivalent.
    • Familiarity with agile software development environments and modern product engineering practices.
    • Proven ability to communicate and influence without formal authority, translating security needs into business-relevant language.
    • Experience working in technology, SaaS, fintech, or similarly fast-paced digital environments (preferred).
    • Strong relationship-building skills with the ability to establish trust and long-term collaboration with technical teams.
    • Strategic mindset with the ability to anticipate risks and connect security considerations across multiple domains.
    • Business-oriented approach, understanding that security enables growth, not just compliance.
    • Strong facilitation skills, acting as a connector between security, product, and engineering stakeholders.
    • Benefits:

      • Competitive compensation aligned with experience and market standards
      • Remote-first or flexible work model
      • Meal and/or food allowance support
      • Comprehensive health, dental, and life insurance coverage
      • Extended maternity and paternity leave policies
      • Childcare and dependent support assistance
      • Wellness benefits including gym memberships and mental health support platforms
      • Flexible working hours and autonomy over schedule
      • Annual performance-based incentive program (ICP)
      • Education and professional development support, including language learning partnerships
      • Day off on your birthday
      • Additional paid recharge days for rest and recovery
      • Inclusive benefits supporting diversity, identity, and accessibility needs
      • Strong focus on learning, culture-building, and continuous improvement in security maturity

Security pay context

Based on 1,666 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $179K (10th–90th percentile: $95K–$215K).

See the full Security salary breakdown →
Apply →