Information Security Coordinator – Affirmative Action for Black and Mixed-Race Talent
Consórcio Embracon
full-time
Posted on:
Location Type: Hybrid
Location: Santana de Parnaíba • Brasil
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AWSCloudSplunk
About the role
- Coordinate and develop the information security team, promoting a culture of technical excellence and continuous improvement
- Establish objectives, goals and performance indicators (KPIs/KRIs) for the area
- Conduct monitoring ceremonies and report executive status to the CISO and security committees
- Implement and maintain an information security governance framework aligned with ISO 27001, NIST, CIS Controls and LGPD
- Develop and review security policies, procedures and standards
- Manage the security compliance and audit program
- Conduct risk assessments and vulnerability treatment
- Administer Identity and Access Management (IAM) solutions
- Implement and operate a corporate password vault
- Ensure segregation of duties (SoD) and least-privilege principles
- Manage the lifecycle of digital identities and periodic access reviews
- Oversee SOC (Security Operations Center) and SIEM operations
- Manage the detection and incident response program
- Coordinate penetration tests (pentests) and vulnerability remediation
- Oversee vulnerability management (GVUD) and patching
- Implement DevSecOps practices in the development lifecycle
- Manage code analysis tools (SAST/DAST/SCA)
- Integrate security into CI/CD pipelines
- Conduct security reviews of architectures and applications
- Manage protection solutions: WAF, IPS/IDS, DLP, CASB
- Implement and monitor data loss prevention controls
- Supervise cloud and hybrid environment security
- Ensure protection of endpoints and critical infrastructure
- Work alongside the DPO to implement privacy controls
- Ensure compliance with LGPD and sector-specific regulations
- Implement Privacy by Design in projects
- Manage processes for handling personal data
Requirements
- Bachelor’s degree in Information Technology, Computer Science, Engineering, Information Systems or related fields
- Advanced English
- Minimum 5 years of experience in Information Security
- At least 2 years in a leadership/coordinator position
- Proven experience in medium/large companies or the financial sector
- Deep knowledge of identity and access management (IAM)
- Practical experience with SOC/SIEM
- Proficiency with vulnerability management tools
- Solid knowledge of WAF, IPS/IDS, DLP and CASB
- Experience with DevSecOps and application security tools
- Knowledge of frameworks: ISO 27001, NIST CSF, CIS Controls
- Understanding of LGPD and data protection
- Certifications: CISSP, CISM, ISO 27001 Lead Implementer/Auditor, CEH, CCSP, certifications in specific tools (Splunk, AWS Security, etc.)
- Fluent in English
Benefits
- Medical, dental and psychological assistance
- Transportation allowance
- Meal or food allowance
- Partnerships with gym and wellness networks
- Life insurance
- Birthday day off
- Quality-of-life programs
- "We’re Pregnant!" programs (pregnancy support)
- Recognition programs
- Private pension plan
- Education scholarship/grant
- Student transportation voucher
- Marriage benefit
- 6-month maternity leave
- 20-day paternity leave
- Payroll-deductible loans
- Employee discounted consortium purchase
- Profit-sharing program (PPR)
- Embracon Corporate University (UCE)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
information securityrisk assessmentsvulnerability managementidentity and access managementDevSecOpssecurity policiesincident responsepenetration testingdata loss preventionsecurity compliance
Soft skills
leadershipcommunicationcoordinationcontinuous improvementtechnical excellencemonitoringreportingcollaborationsupervisionproblem-solving
Certifications
CISSPCISMISO 27001 Lead ImplementerISO 27001 AuditorCEHCCSPSplunkAWS Security