
WPP · São Paulo
WPP is the trusted growth partner for the world’s leading brands. We unite cutting-edge media intelligence and data solutions, world-class creativity, next-ge...
WPP is the trusted growth partner for the world’s leading brands.
We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative
enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing
platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth.
We work with the world's most valuable brands and have global reach across 100+ markets, with deep local expertise.
Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning,
attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow.
For more information, visit WPP.com.
The Technical Security Governance Lead is responsible for leading one or more technical security governance domains within Digital
Security & Risk Management (DSRM). The role defines enforceable security guardrails and minimum baselines, monitors security
posture and exposure, and provides independent oversight and challenge to Enterprise Technology (ET), DT&S engineering teams, and
business-managed technology owners.
This role focuses on risk, exposure, and control effectiveness—ensuring that technical security risks are consistently identified,
assessed, escalated, and reported—without designing, building, configuring, or operating technology platforms.
Technical Security Governance
teams.
Compliance Monitoring
owners.
where required.
Collaboration and Stakeholder Engagement
into delivery workflows.
context.
Domain Related Responsibilities - Identity
weaknesses.
environments.
Essential
environment
management.
Nice-to-Have
management approaches.
Key Behaviour's & Competencies
firms, or global technology businesses — where governance relies on influence rather than control.
design, and executive risk reporting.
recognise when you are being given an incomplete picture.
senior and non-technical audiences.
protection frameworks.
Applicants are asked to submit their application in English.
You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views.
We are open-minded: to new ideas, new partnerships, new ways of working.
You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our
clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.
You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers
of our industry; we provide extraordinary every day.
Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.
Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the
industry.
Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the
challenge?
#LI-Hybrid
We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve
adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please
discuss this with the hiring team during the interview process.
WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular
characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same
opportunities to progress in their careers.
PLEASE READ OUR PRIVACY NOTICE (HTTPS://WWW.WPP.COM/EN/CAREERS/WPP-PRIVACY-POLICY-FOR-RECRUITMENT) FOR MORE INFORMATION ON HOW WE
WPP is the trusted growth partner for the world’s leading brands. We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth. We work with the world's most valuable brands and have global reach across 100+ markets, with deep local expertise. Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. For more information, visit WPP.com. Why we're hiring: We are looking to hire an individual that will own the identification, assessment, documentation and monitoring of digital and information security risks across WPP, ensuring risks are clearly articulated, consistently assessed and effectively tracked. What you'll be doing Risk Assessment & Management * Conduct enterprise and operational security risk assessments. * Ensure risk statements, impact and likelihood justifications are clear and defensible. * Maintain accurate and current risk records within approved GRC tooling. Risk Management * Conduct organisational-level, third-party or product risk assessments to identify technical, process and/or procedural vulnerabilities and recommend mitigation strategies. * Support the implementation of WPP’s Digital Security risk management framework, ensuring alignment with organisational goals. * Monitor and report on Key Risk Indicators (KRIs) to provide insights into WPP’s cybersecurity posture. Risk Treatment & Monitoring * Support risk owners in defining proportionate mitigation actions. * Track remediation progress and reassess residual risk. * Escalate material risk changes or overdue actions. What you'll need: Essential: * Fluent English (reading, writing, and conversation). * Bachelor’s degree in Information Security, Risk Management, or equivalent * Experience in cybersecurity governance, GRC, or risk support roles. * Strong understanding of cybersecurity policies, standards, and frameworks (e.g. ISO 27001, NIST CSF). * Ability to work with governance, assurance, and technical teams to maintain clear and usable frameworks. * Strong written communication skills, with high attention to accuracy and consistency. * Foundational understanding of cloud computing models (IaaS, PaaS, SaaS) and associated security risks. * Awareness of common cyber risk scenarios related to cloud platforms, SaaS environments, identity, and third-party integrations. * Exposure to emerging technology risks, such as AI-enabled systems, automation, and digital transformation initiatives. * Ability to assess risks across modern, distributed technology environments. * Foundational understanding of DevSecOps principles and secure-by-design approaches within modern software development lifecycles. * Ability to elevate the role to value-driven cyber risk management Nice - to- have * Certifications such as CISSP, CISM, or CRISC. * Familiarity with GRC tools and risk management platforms. * Working knowledge of agile methodologies. * Experience in multinational, multicultural and matrixed companies. Key Behaviours & Competencies * Proactive Problem-Solving: Anticipates challenges in governance and compliance activities and develops effective solutions. * Collaborative: Builds strong relationships across teams (e.g., Legal, Enterprise Technology) to ensure alignment and efficiency. * Detail-Oriented: Ensures accuracy and consistency in governance documentation, role definitions, and standards. * Adaptable: Thrives in a fast-paced environment and adjusts quickly to changing priorities or regulatory requirements. * Ethical Integrity: Maintains high ethical standards, ensuring compliance with policies and safeguarding WPP’s reputation. * Analytical Thinking: Demonstrates strong analytical skills to interpret complex data and identify actionable insights. * Communication Skills: Clearly articulates findings, recommendations, and technical concepts to non-technical stakeholders. * Structured & Methodical: Applies a disciplined approach to governance maintenance and change control. * Collaborative: Works effectively with Strategy & Risk, TSG, Assurance, and Legal to support the governance lifecycle. Who you are: You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working. You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected. You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day. What we'll give you: Passionate, inspired people – We aim to create a culture in which people can do extraordinary work. Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry. Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge? #LI-Hybrid We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process. WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers. PLEASE READ OUR PRIVACY NOTICE (HTTPS://WWW.WPP.COM/EN/CAREERS/WPP-PRIVACY-POLICY-FOR-RECRUITMENT) FOR MORE INFORMATION ON HOW WE PROCESS THE INFORMATION YOU PROVIDE.
WPP is the trusted growth partner for the world’s leading brands. We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth. We work with the world's most valuable brands and have global reach across 100+ markets, with deep local expertise. Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. For more information, visit WPP.com. Why we're hiring: The Security Awareness Specialist will lead the design, delivery, and continuous evolution of our global security awareness programme. This role owns the full training lifecycle—from planning and content creation through to monthly delivery, engagement, and performance measurement. As part of the global Digital Security & Risk Management function, you will play a key role in shaping secure behaviours across WPP. You’ll achieve this through engaging training experiences, behavioural nudges, and impactful monthly spotlight campaigns aligned to our annual strategy. This is a hands-on role requiring creativity, structure, and the ability to drive consistent behavioural change at scale through our learning platforms. What you'll be doing: Programme Planning * Develop and maintain the annual security awareness and behaviour change roadmap * Align monthly themes with key organisational risks, the evolving threat landscape, and regulatory requirements (e.g., ISO 27001/42001, SOC2) * Continuously enhance the programme using AI-driven approaches, microlearning, and behavioural science techniques Content Creation & Training Development * Design high-quality, engaging training content (videos, modules, microlearning, quizzes, infographics, behavioural nudges) * Craft clear, creative, and human-centred messaging for campaigns and monthly spotlights * Partner with security SMEs to translate complex technical risks into simple, actionable behaviours * Maintain and evolve a library of evergreen learning materials Training Delivery * Build, configure, and publish monthly training modules in the Learning Management System (LMS) * Ensure content is accessible, relevant, and consistent across regions and brands Monthly Spotlight Campaigns * Deliver targeted awareness campaigns aligned to the annual programme (e.g., phishing, identity security, AI safety, data handling) * Execute short-form behavioural nudges via email, intranet, and internal communications channels Measurement & Continuous Improvement * Track training completion, engagement, and behavioural outcomes * Analyse data from phishing simulations, LMS analytics, and incident trends to inform programme improvements * Produce monthly and quarterly reporting for the CISO and security leadership * Benchmark programme effectiveness against industry standards Collaboration & Stakeholder Management * Partner with Business Security Services leads and stakeholders to drive adoption and engagement * Support awareness initiatives during major incidents, policy updates, and key business events What you'll need: * Experience in security awareness, internal communications, learning design, or behavioural training * A strong ability to simplify complex cyber security concepts into clear, actionable messaging * Excellent storytelling, copywriting, and content creation skills * Hands-on experience with LMS platforms and e-learning authoring tools * Strong organisational and project management skills, with the ability to manage a consistent monthly cadence * Comfortable operating in a fast-paced, global environment * Solid understanding of cyber security fundamentals (e.g., phishing, identity, data handling, cloud, AI safety) * Familiarity with behavioural science principles (e.g., nudging, habit formation, reinforcement) is a plus Please submit your application in English. Who you are: You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working. You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected. You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day. What we'll give you: Passionate, inspired people – We aim to create a culture in which people can do extraordinary work. Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry. Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge? #LI-Hybrid We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process. WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers. PLEASE READ OUR PRIVACY NOTICE (HTTPS://WWW.WPP.COM/EN/CAREERS/WPP-PRIVACY-POLICY-FOR-RECRUITMENT) FOR MORE INFORMATION ON HOW WE PROCESS THE INFORMATION YOU PROVIDE.
Team Description As part of the AML Brazil team, you will play a key role in our Quality Assurance front, helping ensure the quality and consistency of our AML processes. You will review case investigations, support compliance with AML regulations, and identify gaps and opportunities for improvement across the end-to-end AML framework. Our AML team is part of a global structure, providing you with continuous interaction and collaboration with international teams. What you will do * Perform quality assurance reviews of AML transaction monitoring activities, including case investigations and regulatory reporting decisions. * Identify control gaps, perform root cause analysis, and support improvements to AML monitoring procedures * Provide clear and actionable feedback to analysts based on QA findings. * Identify anomalies related to money laundering and other reputational risks. * Work closely with a Senior AML Analyst to support the monthly review for the MLRO Forum, tracking agreed actions and reporting key AML risks to SumUp’s local Board. You will be great for this role if * You have previous experience in Anti-Money Laundering (AML). * You demonstrate solid knowledge of AML regulations and financial market legal requirements. * You have advanced English skills for technical reading and internal communication. * You possess a sharp analytical profile and an extreme attention to detail, enabling you to identify potential risks. * You are a collaborative team player with the ability to resolve conflicts in a fast-paced environment. * Previous experience in Payment Institutions will be considered a plus. Why you should join SumUp 📈Career Growth: Be part of a global team working on large-scale fintech products used by millions of businesses. 📚 Learning & Development: Access an annual budget of R$ 10,000 for education, certifications, and conferences. 🌴 Time Off: Enjoy 30 additional days off through our Break4Me program after 3 years at SumUp. 💸 Grow with Us: Participate in our virtual stock program and benefit from SumUp’s success with company shares. 🌍 Global Experience: Collaborate with a diverse team of 3,000+ people from over 30 countries. 🤝 Collaborative Culture: Join a team that values diversity, innovation, and teamwork, where your ideas and contributions truly matter. 💙 Great Benefits: Health plans, meal vouchers (VR), Zenklub, Wellhub, life insurance, childcare allowance, and more. About SumUp We believe in the everyday hero. Small business owners are at the heart of all we do, so we're creating tools that help them run their businesses. With a founder’s mentality and a 'team-first’ attitude, our diverse teams across Europe, South America, and the United States work together to ensure that the small business owners we partner with can be successful doing what they love. SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age, or any other basis protected by applicable laws or prohibited by company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind. SumUp will not accept unsolicited resumes from any source other than directly from a candidate Job Application Tip We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.