Cybersecurity Manager

OKTO’s continuous growth demands high-caliber candidates, who can demonstrate professionalism, passion, and creativity. For those who come on board, we offer significant career advancement, challenges, and a runway for growth.

OKTO powers digital payments for every entertainment, leisure, and gaming environment. Our unified payment platform combines secure, real-world transactions with the most powerful payment technology to create immersive payment experience for both merchants and their users.

Since 2019, OKTO has been improving payment interactions for online and retail gaming and introducing frictionless payments with its local knowledge, sector expertise and international capabilities.

The expanding business now employs over 200 payment experts, gaming insiders and software engineers, serving some of the most exciting international markets including, Brazil, Romania, Italy, Greece, Germany, the UK and Spain.

Summary

The Cybersecurity Manager will be responsible for planning, implementing, and overseeing the company’s information security controls, ensuring regulatory compliance (when applicable), data protection, and operational resilience. This role will serve as the main security point of contact, supporting leadership and technical teams in critical decisions while fostering a strong security culture across the organization.

Key Responsibilities

Governance & Compliance

• Develop and maintain security policies, processes, and procedures tailored to the company’s size and needs.
• Ensure compliance with relevant regulations and standards (LGPD, basic ISO 27001 controls, PCI DSS when applicable).
• Provide periodic risk and security status reports to company leadership.

Infrastructure & Cloud Security

• Implement and manage security controls in cloud environments (AWS preferred, but Azure or GCP as applicable).
• Ensure access control, encryption, and secure configurations are consistently applied.
• Collaborate with IT/DevOps teams to embed security into infrastructure and application lifecycles.

Operations & Incident Response

• Monitor security alerts and coordinate response to incidents.
• Maintain an incident response plan, including escalation procedures.
• Conduct basic business continuity and disaster recovery testing.

Application & Development Security

• Support secure development practices (code reviews, vulnerability scans).
• Introduce lightweight DevSecOps practices suitable for the company’s scale.
• Manage secrets, credentials, and sensitive data securely.

Risk, Awareness & Culture

• Assess vendor and third-party risks.
• Coordinate audits and security assessments when required.
• Lead employee awareness initiatives, such as phishing simulations and training sessions.

IT Assets & Support Management

• Manage the lifecycle of IT equipment (procurement, inventory, preventive maintenance).
• Implement patch management practices and security updates on endpoints.
• Monitor support performance indicators and propose continuous improvements to enhance the internal user experience.

Education & Certifications

• Bachelor’s degree in Computer Science, Information Security, Engineering, or related fields (or equivalent practical experience).
• Certifications such as CISSP, CISM, CISA, CompTIA Security+, ISO 27001 Implementer or Lead Auditor, or AWS Security Specialty are a plus.

Experience

• 5+ years of experience in cybersecurity or IT security-related roles.
• Hands-on experience with cloud platforms and security tools.
• Familiarity with compliance requirements (LGPD, PCI DSS, ISO 27001).
• Practical knowledge of incident response and vulnerability management.

Languages:

• Fluent English (mandatory – communication with global stakeholders)
• Portuguese (mandatory).
• Spanish (desirable).

Important Information

• Full-time position under a CLT (Brazilian employment law) contract
• Hybrid work model, based in São Paulo/SP – Brazil

• Competitive compensation – aligned with your experience and the market.
• Meal allowance – provided through a prepaid card, with the flexibility to use part of the balance beyond food expenses.
• Health and dental plan – no monthly cost for you and your dependents, with comprehensive coverage to take care of your health and well-being.
• TotalPass – access to gyms and partner studios, encouraging a healthy and balanced lifestyle.
• Long-Term Incentive Plan – an opportunity for growth and participation in results, building the future together with us.