FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Information Security Specialist I
Grupo TigreEspecialista em Segurança da Informação com foco na proteção de ativos de informação e conformidade regulatória. Atuando em um ambiente corporativo híbrido em Joinville.
Tech Stack
Tools & technologiesCloudCyber Security
About the role
Key responsibilities & impact- Define, implement and evolve Information Security controls, ensuring adherence to corporate policies, regulatory requirements and industry frameworks, with focus on risk management, data protection, operational continuity and reducing the attack surface.
- Conduct cyber risk analyses of systems, applications, integrations, vendors, projects and significant changes, proposing treatment plans, compensating controls, prioritization criteria and monitoring indicators to support technical and executive decision-making.
- Support the structuring, maintenance and evolution of the Information Security Management System (ISMS), including policies, standards, procedures, evidence, audit trails, controls and preparation for internal and external audits and regulatory/corporate readiness initiatives, including IPO contexts.
- Lead technical secure development and DevSecOps initiatives, establishing secure-by-design and secure-by-default standards, performing architecture reviews, defining security requirements for applications, and promoting use of SAST, DAST, SCA, vulnerability management, hardening, environment segregation and validation of requirements prior to production.
- Participate in information security incident response, supporting detection, containment, eradication, recovery, investigation, lessons learned and continuous improvement of processes, interfacing with infrastructure, applications, architecture, privacy, compliance teams and executive leadership as needed.
- Technically evaluate new solutions, vendors and services from security, privacy and architecture perspectives, ensuring compliance with minimum requirements such as strong authentication, encryption, log management, auditability, vulnerability management, access controls, regulatory compliance and secure development practices.
- Produce and present executive and technical materials on risks, maturity, action plans, compliance deviations, remediation status and the evolution of the security roadmap, supporting committees, audits, governance reviews and strategic forums within the organization.
- Promote the dissemination of a security culture across technology and business teams, supporting training, defining standards, providing technical guidance on projects, strengthening processes and embedding security and privacy from the conception of initiatives.
Requirements
What you’ll need- Bachelor’s degree in Information Security, Computer Science, Information Systems, Computer Engineering, Software Engineering or related fields.
- Solid experience in corporate Information Security, with work in governance, risk management, compliance, security architecture or security applied to systems and applications.
- Practical and demonstrable knowledge of ISO 27001, ISO 27002, NIST Cybersecurity Framework, NIST Secure Software Development Framework (SSDF), risk management, security controls and audit processes.
- Experience creating, implementing or supporting policies, standards, processes, evidence and Information Security controls, with the ability to support internal and external audits and environments with high governance requirements.
- Experience in secure development, application security or AppSec, including concepts such as OWASP, review of security requirements, vulnerability management, hardening, environment segmentation, security testing and integration of security practices into the development lifecycle.
- Experience assessing risks and security requirements for new systems, vendors, integrations, cloud services, enterprise applications and technology transformation projects.
- Technical knowledge of security tools and disciplines such as IAM/IGA, MFA, SSO, log management, SIEM, endpoint protection, vulnerability management, encryption, access control, incident response and security in hybrid/cloud environments.
- Experience supporting governance and compliance processes in complex corporate environments, preferably with exposure to readiness projects for audits, regulated markets, IPOs or environments with strong traceability and internal control requirements.
- Advanced English for technical reading, interaction with vendors, understanding standards, frameworks, documentation and audit materials.
Benefits
Comp & perks- Work model: Hybrid (3 days per week on-site).
- Flexible schedule.
- Meal allowance.
- Year-end gift.
- Health insurance.
- Dental plan.
- Life insurance.
- Private pension plan.
- Wellhub (formerly Gympass).
- Birthday day off.
- Family-friendly company: extended maternity and paternity leave.
- Discounts on our products.
- Annual bonus (profit sharing).
- Discounts of up to 50% on medications.
- Health programs.
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
ISO 27001NIST Cybersecurity FrameworkVulnerability ManagementSecurity ArchitectureApplication SecuritySecurity TestingAudit ProcessesSecurity ControlsData ProtectionOperational Continuity
Soft Skills
CommunicationLeadershipCollaborationTrainingTechnical Guidance