Information Security Specialist
IPIRANGA
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇧🇷 Brazil
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AWSFirewallsJenkinsPython
About the role
- Continuously protect the company’s data and systems, ensuring confidentiality, integrity and availability.
- Orchestrate the security ecosystem (Zscaler, CrowdStrike, WAF, IPS, Palo Alto firewalls, Tenable and SecurityScorecard), keeping cyber risk within acceptable business levels.
- Anticipate threats and respond quickly to minimize operational and reputational impact.
- Integrate security practices into the DevOps culture, ensuring “secure” is a natural part of the software development and delivery lifecycle.
- Promote continuous improvement in processes, technology and people through clear metrics and accessible communication.
- **Activities:**
- Management of secure web gateway platform (Zscaler): define policies, monitor alerts and adjust configurations to balance protection and performance.
- Endpoint defense administration (CrowdStrike): investigate detections, refine prevention policies and maintain up-to-date agents.
- Operation of perimeter controls (WAF, IPS and Palo Alto firewalls): create and review rules, perform effectiveness testing and monitor signature updates.
- Vulnerability exposure management: run Tenable scans, correlate results in SecurityScorecard, prioritize remediation and track action plans with infrastructure and development teams.
- DevSecOps: embed automated security checks in the CI/CD pipeline (code testing, container analysis, dependency validation) and support squads in adopting “shift-left” practices.
- Incident response: participate in investigation, containment, eradication and recovery, producing lessons learned and prevention recommendations.
- Metrics and reporting: develop and present risk indicators, policy compliance and maturity progress to stakeholders.
- Documentation and awareness: create technical guides, operational procedures and awareness materials that help teams apply security best practices day-to-day.
Requirements
- **Experience:**
- **5+ years** of hands-on experience in Information Security, with direct management of edge, endpoint and cloud protection tools (e.g., Zscaler, CrowdStrike, WAF, IPS, Palo Alto firewalls).
- Running **vulnerability management** programs (Tenable or similar) and using external risk platforms (SecurityScorecard, Bitsight, etc.).
- Background in **DevSecOps**: integrating security tests into CI/CD pipelines, container hardening and policy automation.
- Participation or leadership in **incident response** for medium/high severity events.
- Regular interaction with infrastructure, development and business teams to prioritize fixes and security projects.
- **Soft skills:**
- **Clear communication** — translate technical risks into accessible language for executives and developers.
- **Analytical thinking and prioritization** — focus on what reduces the most risk in the shortest time.
- **Collaboration and influence** — work in cross-functional squads, guiding without formal authority.
- **Ownership** — take initiative, identify issues and lead solutions.
- **Continuous learning** — stay current on emerging threats, techniques and tools.
- **Technical Skills:**
- Advanced administration of **Zscaler Internet Access/Private Access** and policy configuration.
- Endpoint defense with **CrowdStrike Falcon** (prevention, investigation, hunting).
- Writing/tuning rules in **WAF** (ModSecurity, F5, Cloudflare, etc.) and **IPS/IDS**.
- Operation of **Palo Alto firewalls** (NAT, App-ID, User-ID, Panorama).
- Running and analyzing **Tenable scans (Nessus/Tenable.io)**; prioritization using CVSS, VPR, EPSS.
- Consolidation of metrics in **SecurityScorecard** or equivalent tools.
- **Scripting/automation** in Python, PowerShell or Bash for integration and reporting.
- Knowledge of **CI/CD pipelines** (Jenkins, GitLab, GitHub Actions) and SAST/DAST/IAST tools.
- **Education:**
- Bachelor’s degree in **Information Technology, Engineering, Information Systems** or related fields.
- Desired certifications: **CISSP, CCSP, CISM, OSCP**, PCNSE (Palo Alto) or cloud equivalents (AWS Security Specialty).
- **Languages:**
- **Portuguese** — native or fluent (required).
- **English** — Intermediate for reading technical documentation, participating in meetings and handling global incidents.
Benefits
- 🕗 Flexible working hours
- 💙 Assistance for a child with disabilities
- 💰 Variable compensation program
- 🏦 Private pension plan
- 💸 Length-of-service bonus
- 🧘🏻♀️ Online therapy & nutritional counseling
- 👶🏻 Newborn gift basket
- 📚 Corporate university
- 👓 Reimbursement for glasses and contact lenses
- 💊 Medication assistance
- 💉 Vaccine assistance
- 🏭 Market benefits: Gympass, meal and grocery vouchers (VR/VA), commuting allowance (VT), health and dental insurance, life insurance.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Information Securityvulnerability managementDevSecOpsincident responseZscalerCrowdStrikeWAFIPSPalo Alto firewallsTenable
Soft skills
clear communicationanalytical thinkingprioritizationcollaborationinfluenceownershipcontinuous learning
Certifications
CISSPCCSPCISMOSCPPCNSE