CSU

Mid-level Information Security Analyst – IAM

CSU

full-time

Posted on:

Location Type: Hybrid

Location: BarueriBrasil

Visit company website

Explore more

AI Apply
Apply

About the role

  • Manage the provisioning, modification, creation and revocation of access to critical corporate systems, ensuring compliance with security policies and best practices.
  • Assist in creating, maintaining, modifying and deactivating access in corporate systems according to internal policies.
  • Coordinate the updating of identities in the corporate environment, ensuring consistency, security and alignment with regulatory requirements.
  • Analyze and approve requests for creation, modification and deletion of access in sensitive systems, such as financial and regulatory systems, in accordance with internal standards.
  • Manage and monitor ticket queues, ensuring prompt and effective responses to access requests.
  • Ensure tickets are properly approved by the responsible manager before execution.
  • Provide advanced technical support related to access and permission issues, collaborating with other teams as needed.
  • Monitor access logs and identify security risks or anomalies, acting proactively to mitigate risks.
  • Actively participate in periodic access reviews, ensuring compliance with internal and regulatory policies such as LGPD, PCI-DSS, ISAE 3402 and ISO 27001.
  • Contribute to the execution of internal and external audits, ensuring traceability and integrity of access control processes.
  • Collaborate in creating and maintaining audit reports on access and permissions, ensuring transparency and regulatory compliance.
  • Ensure that IAM operations meet internal and external standards and regulations, such as NIST, PCI-DSS, ISAE 3402 and ISO 27001.
  • Identify opportunities for continuous improvement in IAM processes, proposing solutions to increase operational efficiency and security.
  • Collaborate on the automation and standardization of IAM processes to optimize workflows and reduce risks.
  • Keep technical documentation up to date and record all identity and access management activities, ensuring compliance with regulatory requirements.
  • Contribute to the development and review of internal security policies and IAM best practices to optimize processes and reduce risks.
  • Provide technical guidance and support to junior analysts, fostering the development of team skills.
  • Conduct internal training to raise employee awareness of security best practices and access management.

Requirements

  • Hands-on experience administering access in corporate systems, with a focus on financial and regulatory systems.
  • Intermediate knowledge of information security frameworks, such as NIST, CIS Controls, PCI-DSS and ISO 27001.
  • Ability to interpret security policies and translate them into effective operational practices.
  • Proactive attitude to identify vulnerabilities and propose solutions to mitigate risks.
  • Experience performing internal and external audits, ensuring compliance and traceability of access control processes.
  • Ability to manage IAM tools, ensuring the security and compliance of the systems in use.
  • Bachelor's degree in related fields: Information Security, Technology, Networking or related areas.
Benefits
  • Health insurance
  • Dental insurance
  • Company-provided lunch
  • Partnerships with language schools (exclusive discounts)
  • Transportation voucher or parking
  • Partnership with SESC
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
access managementidentity and access management (IAM)information security frameworksaudit processesrisk mitigationtechnical supportsecurity policy interpretationprocess automationtechnical documentationcontinuous improvement
Soft Skills
proactive attitudecollaborationcommunicationteam developmentemployee traininganalytical skillsproblem-solvingattention to detailorganizational skillsleadership
Certifications
Bachelor's degree in Information SecurityBachelor's degree in TechnologyBachelor's degree in NetworkingNIST certificationCIS Controls certificationPCI-DSS certificationISO 27001 certificationISAE 3402 certification