Especialista Sênior em Segurança da Informação / Cybersecurity
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Especialista Sênior em Segurança da Informação / Cybersecurity based in Brazil.
In this role, you will be responsible for strengthening and evolving the organization’s cybersecurity posture across products, infrastructure, and data environments. You will act as a key reference point for security strategy, working closely with engineering and business teams to embed security by design into all processes. The position offers high autonomy, strategic visibility, and the opportunity to influence critical security decisions in a modern, technology-driven environment. You will design and enforce security frameworks, lead risk and incident management initiatives, and ensure compliance with industry standards and regulations. This is a hands-on and strategic role where you will also champion a culture of security awareness across technical and non-technical teams. Working fully remotely, you will collaborate with multidisciplinary teams in a fast-paced and innovation-oriented setting. Your impact will be direct, measurable, and essential to safeguarding business continuity and trust.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Especialista Sênior em Segurança da Informação / Cybersecurity based in Brazil.
In this role, you will be responsible for strengthening and evolving the organization’s cybersecurity posture across products, infrastructure, and data environments. You will act as a key reference point for security strategy, working closely with engineering and business teams to embed security by design into all processes. The position offers high autonomy, strategic visibility, and the opportunity to influence critical security decisions in a modern, technology-driven environment. You will design and enforce security frameworks, lead risk and incident management initiatives, and ensure compliance with industry standards and regulations. This is a hands-on and strategic role where you will also champion a culture of security awareness across technical and non-technical teams. Working fully remotely, you will collaborate with multidisciplinary teams in a fast-paced and innovation-oriented setting. Your impact will be direct, measurable, and essential to safeguarding business continuity and trust.
Accountabilities:
- Define, implement, and continuously evolve the cybersecurity strategy, ensuring alignment with business and technology priorities.
- Establish and maintain security policies, standards, and frameworks such as ISO 27001, NIST, LGPD, and OWASP.
- Conduct risk assessments, vulnerability analyses, and define mitigation and business continuity plans.
- Operate and optimize security tools such as SIEM, WAF, EDR, IAM, DLP, VPN, and vulnerability scanners.
- Lead incident response processes, including investigation, containment, remediation, and post-incident reporting.
- Support DevSecOps practices and ensure security is embedded across development and infrastructure lifecycles.
- Promote security awareness through training, guidance, and continuous engagement with technical and business teams.
- Solid senior-level experience in Information Security / Cybersecurity across end-to-end environments.
- Strong knowledge of networks, encryption, system hardening, IAM, and cloud security (AWS, Azure, or GCP).
- Proven experience in risk management, incident response, vulnerability management, and continuity planning.
- Hands-on experience with security tools such as SIEM, EDR, WAF, DLP, VPN, and scanning solutions.
- Familiarity with security frameworks and regulations including ISO 27001, NIST, LGPD, and OWASP.
- Strong communication skills with the ability to translate technical risks for business and non-technical stakeholders.
- Experience working in remote, agile, and fast-paced technology environments.
- Certifications such as CISSP, CISM, CEH, or ISO 27001 are considered a strong plus.
- Experience with DevSecOps, CI/CD security, or high-availability environments is a differential.
- 100% remote work with high flexibility and autonomy.
- Strategic role with strong influence over cybersecurity decisions and architecture.
- Collaborative and highly technical environment focused on innovation and continuous improvement.
- Exposure to complex, high-impact projects with direct business relevance.
- Competitive long-term PJ engagement model.
- Opportunity to work with modern security tools and evolving cloud-native technologies.