Perform the duties of the Information Security Officer to address regulatory requirements (CNBV, Banxico), serving as the role holder.
Ensure the information security strategy remains up to date to leverage new technology and evolving threat intelligence.
Manage regulatory compliance (IFPE, CNBV, Banxico, financial entity, among others); implement internal control and a testing model for regulations applicable to financial services and technology.
Define and maintain the Information Security and Cybersecurity practice based on international standards (ISO 27001, ISO 27002, ISO 27017, ISO 27032, NIST CSF, NIST 800-53, CIS Controls, PCI DSS).
Ensure management of regulatory and information security risks; maintain a comprehensive risk management model and collect information required for regulatory reporting.
Define, implement, and keep up to date a security dashboard with key indicators applied to products and technology.
Support third-party selection processes and perform second-line reviews of third-party security compliance.
Partner with operations/technology teams to design security controls ensuring adherence to information security policies and best practices across products, applications, tools, and infrastructure.
Manage security alerts communicated by regulators or other sources, and manage information security incidents across identification, protection, detection, response, and recovery stages.
Validate and approve completion of corrective measures to address improvement areas and audit findings related to technology infrastructure and information security.
Support ongoing supervision activities, including regulatory examinations, ensuring compliance with all regulatory reporting obligations.
Serve as the point of contact for regulatory inquiries regarding Information Security related to the organization’s products, services, and activities.
Maintain strong industry knowledge of regulations, changes, trends, and the impact of Mexican regulations on the business.
Ensure appropriate processes exist for the timely and accurate submission of regulatory reports.
Requirements
Bachelor’s degree in Computer Systems Engineering, Computer Science, or a related field.
A relevant financial certification is a plus.
5+ years designing and implementing the security scheme and addressing operational requirements for Electronic Payment Funds Institutions (IFPE).
5+ years implementing Information Security and Cybersecurity best practices: definition, implementation, and continuous assessment of controls, policies, and procedures (e.g., ISO 27001, ISO 27002, ISO 27032, NIST CSF, CIS Controls, PCI DSS).
3+ years managing compliance programs for technology and information security regulatory matters within the financial industry or regulated payments/financial services in Mexico (digital bank, IFPE, financial institutions, banking correspondents, SPEI participants).
3+ years designing and implementing the security scheme and addressing regulatory requirements applicable to financial entities/societies.
3+ years of experience in technology risk and information security risk management.
Experience engaging with regulators and preparing materials, acting as the lead for regulatory requirements, internal control, and compliance for SPEI (Information Security Officer).
Proven capability to manage third-party/vendor information security for IFPE services, technology, and processes requiring security assessment.
Expert knowledge and experience with enterprise security technologies, tools, and services for cybersecurity and data protection (cloud, IT infrastructure, networks, applications, mobile, endpoint).
Highly organized, strong attention to detail, and able to manage multiple initiatives while meeting tight deadlines.
Proven ability to lead meetings with financial regulators and senior executives.
Proactive, time-sensitive, and results-driven approach to responsibilities.
Ability to adapt to changing business and regulatory environments.
Unquestionable ethics and integrity; commitment to inclusion and trust.
Ability to work independently with limited supervision.
Exceptional analytical and problem-solving skills.
Ability to communicate complex ideas clearly and effectively.
Ability to adapt to cross-cultural, international working environments across time zones.
Excellent communication skills, an optimistic and positive attitude, strong self-motivation, ability to withstand pressure, and a capacity for self-reflection.
Mandatory: Native or fluent proficiency in Spanish and English.
Preferred: Conversational in Chinese (Mandarin).
Tech Stack
Cloud
Cyber Security
Benefits
Major Medical Insurance: 100% coverage for the employee and 50% for dependents
Life Insurance
30 days of Christmas bonus (aguinaldo)
80% vacation premium on 12 vacation days, plus 1 PTO day per month
Savings Fund: 13%
Grocery vouchers (capped)
Annual performance bonus: 10% for individual contributors, 15% for managers, calculated based on both individual performance and company performance