ai analyst backend bitcoin blockchain community manager crypto cryptography cto customer support dao data science defi design developer relations devops discord economy designer entry level erc erc 20 evm front end full stack gaming ganache golang hardhat intern java javascript layer 2 marketing mobile moderator nft node non tech open source openzeppelin pay in crypto product manager project manager react refi research ruby rust sales smart contract solana solidity truffle web3 py web3js zero knowledge
| Job Position | Company | Posted | Location | Salary | Tags |
|---|---|---|---|---|---|
Coins.ph | Vila Velha, Espírito Santo | $121k - $180k | |||
Bcbgroup | Remote | $105k - $170k | |||
Zscaler | Remote | $161k - $230k | |||
Telcoin | Remote | $105k - $165k | |||
| Learn job-ready web3 skills on your schedule with 1-on-1 support & get a job, or your money back. | | by Metana Bootcamp Info | |||
Okx | Remote | $148k - $149k | |||
Okx | Remote | $129k - $216k | |||
Okx | Remote | $96k - $111k | |||
Okx | Remote | $63k - $90k | |||
Okx | Remote | $121k - $180k | |||
Polygon Labs | United States | $94k - $180k | |||
P2P. org | Japan |
| |||
Inmobi | Remote | $130k - $180k | |||
Figure | Reno, NV, United States | $105k - $132k | |||
Copperco | Remote | $140k - $180k | |||
Copperco | Remote | $180k - $210k |
Director of Cybersecurity & Incident Response (Brazil)
Vila Velha, Espírito Santo
Brazil – Brazil /
Hybrid
apply for this job
COINS.XYZ Digital Markets is the Brazilian arm of the COINS.PH group, a leading licensed Virtual Asset Service Provider in Southeast Asia. We are establishing a regulated Virtual Asset Service Provider (SPSAV) in Brazil under the new framework of Law 14,478/2022 and Central Bank of Brazil (BCB) Resolutions 519, 520 and 521 of 2025, operating as a broker (intermediation + custody) with FX services.
We are hiring a Statutory Director of Cybersecurity and Incident Response, a role formally required under Article 14, III, "e" of BCB Resolution 520/2025. The Director will be registered with the Central Bank of Brazil and will bear personal regulatory responsibility for the cybersecurity posture of a fully regulated crypto-asset exchange and custodian.
We are hiring a Statutory Director of Cybersecurity and Incident Response, a role formally required under Article 14, III, "e" of BCB Resolution 520/2025. The Director will be registered with the Central Bank of Brazil and will bear personal regulatory responsibility for the cybersecurity posture of a fully regulated crypto-asset exchange and custodian.
Key Responsibilities
- Design, implement and maintain the Cybersecurity Policy, the Incident Response Plan, and the Cloud Services Contracting Policy, in line with BCB Resolution 85/2021 and BCB Resolution 520/2025.
- Oversee the protection of private keys and the custody architecture (cold/hot/warm wallets, MPC, multisig, HSM).
- Lead the security operations function (SOC/SIEM, threat intelligence, vulnerability management, pentests, red-team).
- Ensure timely reporting of relevant incidents to the BCB, ANPD (LGPD) and other authorities, and coordinate post-incident remediation.
- Manage third-party and cloud risk (vendor due diligence, contractual safeguards, BCB notification regime for relevant IT contracts).
- Integrate cybersecurity into the broader risk framework alongside the Risk, Compliance, AML and IT functions.
- Build and lead the cybersecurity team; embed a security-by-design culture.
- Represent the company before regulators, auditors and the Board on cybersecurity matters.
Mandatory Requirements
- Brazilian residency (mandatory for statutory directors of BCB-regulated entities).
- Unblemished reputation, no criminal convictions in the offences listed in Article 11 of BCB Resolution 519/2025, no current disqualification or suspension in any regulated financial institution, no bankruptcy, no BCB rejection in the past three years.
- Demonstrated technical capacity and knowledge of the cybersecurity domain compatible with BCB Normative Instruction 712/2025 and CMN Resolution 4,970/2021 fit & proper standards.
- Willingness to undergo BCB authorisation procedures and ongoing supervisory scrutiny.
Qualifications
- Bachelor's degree in Computer Science, Information Security, Engineering or equivalent; postgraduate degree preferred.
- 10+ years of cybersecurity experience, with at least 5 years in leadership roles within financial institutions, fintechs, crypto exchanges or critical-infrastructure environments.
- Hands-on expertise in: cryptographic key management, blockchain and smart-contract security, cloud security (AWS/GCP), SOC operations, DLP, IAM/PAM, threat modelling, incident response and digital forensics.
- Working knowledge of BCB Resolution 85/2021, BCB Resolution 520/2025, LGPD (Law 13,709/2018), ISO 27001, NIST CSF 2.0 and PCI DSS.
- Industry certifications such as CISSP, CISM, CCSP, CCSK, CISA or equivalent.
- Fluent Portuguese and advanced English.
Differentiators
- Prior experience as a statutory officer in a BCB or CVM-regulated institution.
- Experience supporting a BCB authorisation process or implementing a cybersecurity programme from the ground up.
- Direct experience in crypto-asset exchanges, custodians or wallet providers.
- Familiarity with international VASP frameworks (FATF, MAS, MiCA).
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
apply for this job