• Develop and deliver strategies that optimize balance sheet performance when member-based loan growth is insufficient • Provide leadership, coaching, and support to the specialized lending team • Lead development and delivery of the specialized lending/third-party transaction strategic plan, annual operating plan, and budget • Use industry trends, market dynamics, and emerging risk insights to shape strategy and guide decisions • Lead the origination, structuring, and ongoing management of specialized lending and liquidity transactions (syndications, participations, whole-loan purchases, secondary market activity, investment products, CUSO/correspondent partnerships) • Monitor markets and risk indicators to adjust tactics and optimize liquidity deployment opportunities • Provide people leadership for the specialized lending management team (oversight, coaching, development, performance expectations, succession planning) • Approve transactions within delegated authority and escalate higher-limit items to the appropriate committees • Ensure end-to-end risk management processes are in place across credit, operational, reputational, and regulatory risk • Ensure regulatory/policy compliance, partner with Risk/Compliance/Legal, oversee second-line testing and audit responses, and prepare executive/Board reporting on activity, risk, and performance.

• Define and own the enterprise operating model strategy, integrating cross‑functional value streams, data‑driven OD&E, and responsible AI governance to streamline value delivery, strengthen accountability, and drive measurable improvements in decision speed, cycle time, quality, cost to serve, and customer impact. • Lead enterprise org design: structure optimization, spans/layers, governance, role clarity, and decision rights. • Bring deep expertise in workforce requirements—translating strategic intent into operating‑model choices (decision rights, governance, interfaces) and organization design (roles, spans/layers, capabilities) so teams are sized, skilled, and structured to deliver outcomes. • Establish a weekly/monthly/quarterly operating cadence that uses concise written narratives, variance‑based reviews, and controllable input metrics to drive decisions and follow‑through. • Lead change strategy for operating model shifts; set adoption targets, leader routines, and simple change toolkits. • Stand up an OD&E Analytics & Science capability, including an Organizational Scientist (e.g., I/O psychologist or data scientist) to bring causal analysis, experimentation, and visualization to org choices. • Clarify central vs. regional accountabilities and standards; create a fast path to resolve global/local tensions. • Build and lead a high‑performing OD&E team (org design, OE analytics/science, operating model design, change enablement).

• Develop routines in ADVPL/TLPP and PO-UI, including reports, triggers, and entry points in Logithink product development • Use object-oriented programming and the MVC pattern during development • Create new features or adapt existing ones as product improvements • Integrate Protheus with other tools via APIs • Perform tests on developments to ensure functionality within the standard TOTVS Protheus product • Prepare and guide activities for program correction and maintenance • Identify and fix bugs or functional issues • Provide user support related to Logithink products • Work on updating and maintaining Logithink products • Build reports for various business areas

Role Description The Vice President of Information Security & Compliance is a strategic executive leader responsible for overseeing global information security, data protection, governance, and compliance programs. This leader will ensure that our products, infrastructure, and operations meet international standards—specifically targeting ISO 42001 (AI Management System) certification and PCI-QSA compliance within the next 18 months. This position demands a forward-looking leader who blends deep technical expertise, regulatory insight, and operational pragmatism to protect customer trust while enabling innovation. Reporting to: Chief Information Officer Key Responsibilities - Security & Compliance Strategy: Develop and execute a global security and compliance roadmap aligned with corporate goals, focusing on ISO 27001 and SOC2, and expanding to ISO 42001, PCI-DSS, GDPR, CCPA, and other emerging data privacy frameworks. - AI Governance: Establish robust policies and risk models for secure and ethical AI adoption across products and platforms, ensuring adherence to future AI regulatory standards. - Data Privacy & Protection: Lead initiatives to design privacy-first architectures supporting international data residency, cross-border transfer compliance, and encryption standards. - DevSecOps Maturity: Partner with engineering and DevOps teams to build security into the product development lifecycle—deploy secure pipelines, automate compliance checks, and continuously monitor infrastructure health. - Risk, Audit & Incident Response: Maintain enterprise risk management processes, lead internal audits, coordinate external assessments, and oversee incident response and recovery workflows. - Team Leadership: Build, mentor, and scale a global security & compliance organization with capabilities spanning application security, cloud security, GRC, and data protection. - Stakeholder Collaboration: Work cross-functionally with Sales, Product, Legal, Finance, and IT to align organizational practices and ensure security and compliance enable business growth—not constrain it. Qualifications - 12+ years of experience in information security or compliance, with at least 5 years in senior leadership driving enterprise-wide programs. - Proven track record leading PCI-DSS, ISO, or SOC 2 compliance initiatives in a SaaS or financial/merchant-of-record context. - Deep understanding of cloud architectures (AWS, Azure, or GCP), security platforms, secure software development, and modern DevSecOps tools and practices. - Experience establishing AI governance, risk management, or model assurance frameworks preferred. - Strong familiarity with data privacy regulations across EU, US, and APAC jurisdictions. - Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent credentials highly desirable. - Exceptional communication, leadership, and change management skills. Success in the Role - Integration of the security team, processes and systems in our ATPI business unit. - ISO 27001 and 42001 certification achieved within 18 months. - PCI-QSA compliance achieved within 18 months. - Embedded security-by-design across the product lifecycle. - Demonstrable improvement in operational resilience and customer trust.