Banco PAN operates a large-scale digital banking platform serving more than 32 million customers across Brazil, headquartered in São Paulo. With over 3,500 employees, the company spans consumer finance verticals including credit cards, vehicle financing, payroll loans, investments, and a free digital account product. The threat surface is substantial: a platform at this scale processes high-volume financial transactions across nearly 10,000 dealership integrations and over 100 sales points, making it a target for fraud, credential stuffing, and supply-chain attacks through dealer-facing APIs.
Cybersecurity teams here are defending real financial infrastructure - not a sandbox. The attack model for a consumer finance operation like this likely covers payment fraud, account takeover, mobile application security, and securing the data pipeline that underwrites credit products for millions of Brazilians. Security work intersects with regulatory compliance demands inherent to Brazilian financial services, where data protection and operational resilience carry direct legal exposure.
The company positions itself around agility, financial inclusion, and long-term customer relationships - meaning the security function has to enable fast product iteration without becoming the bottleneck or the weak link. If you're building detection systems, hardening API gateways, or driving security architecture for high-throughput financial platforms, the scale here is concrete and the stakes are measurable in real currency.