The professional is responsible for defining, implementing and monitoring information security policies, standards and controls, ensuring the protection of technological assets and compliance with applicable laws and regulations, such as the LGPD.
The professional works in risk management, identification and remediation of vulnerabilities, security incident response, threat monitoring and implementation of controls based on recognized frameworks such as ISO 27001, NIST and CIS Controls.
The professional also supports audits, promotes security awareness and user training, manages access and identities, tracks security metrics and integrates security practices into development and IT operations processes (DevSecOps).
Requirements
Bachelor's degree in Computer Science, Information Security, Information Systems, Computer Engineering or related fields.
Certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, CompTIA Security+ or equivalents are desirable.
Minimum of 5 years' experience in information security or IT governance.
Experience in risk management, compliance and implementing security policies.
Experience with security tools (SIEM, corporate antivirus, firewall, IDS/IPS).
Practical knowledge of incident response and vulnerability analysis.
Experience working in regulated environments or with data protection requirements.