Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Portobello Shop

Information Security Specialist

Portobello Shop

Technical specialist in information security operations for Portobello Shop, leading security strategies and team development.

Posted 6/30/2026full-timeRemote • BrasilMid-LevelSeniorWebsite

Tech Stack

Tools & technologies
AWSAzureCloudCyber SecurityFirewallsLinuxOpen SourcePython

About the role

Key responsibilities & impact
  • Technical owner for the information security operations platform, responsible for the architecture, strategy, and sustaining controls for detection, incident response, vulnerability management, identity management, and perimeter governance.
  • Primary technical reference for the area, contributing to process maturity and the technical development of the team.
  • Architect, deploy, and direct the maintenance of an open-source-based SIEM platform, including data collection, normalization, event correlation, processing pipelines, and retention policies.
  • Develop and maintain detection use cases aligned with the MITRE ATT&CK framework, with continuous tuning to reduce false positives and increase detection effectiveness.
  • Strategically lead the corporate Vulnerability Management program, including risk-based prioritization, coordination of remediation with technology teams, and monitoring executive-level indicators.
  • Define and govern Identity and Access Management (IAM) processes: identity lifecycle, segregation of duties, RBAC, MFA, and periodic access reviews.
  • Govern policies and rules for Next-Generation Firewalls (NGFW): network segmentation, periodic rule reviews, and hardening.
  • Provide technical leadership for response to critical security incidents, supporting containment, forensic analysis, and coordination of remediation activities.
  • Implement and monitor hardening of environments based on recognized industry benchmarks (CIS Benchmarks).
  • Develop automations and integrations using tools and scripting languages to optimize team operations.
  • Prepare and maintain high-complexity technical documentation, standard operating procedures, security policies, and reference architectures.
  • Act as a mentor to team analysts, promoting knowledge transfer, technical culture, and operational continuity.

Requirements

What you’ll need
  • Solid and proven experience in Information Security operations (SecOps, Blue Team, or related areas).
  • Advanced hands-on experience with open-source SIEM platforms (creating complex rules, event correlation, tuning, and detection engineering).
  • Experience designing and running corporate Vulnerability Management programs.
  • Experience with commercial Vulnerability Management tools (Qualys, Tenable, Rapid7, or equivalents).
  • Experience in governance of Identity and Access Management (IAM), including Active Directory, SSO, MFA, identity federation, and RBAC models.
  • Experience in administration and governance of Next-Generation Firewalls (Check Point, Palo Alto, Fortinet, or equivalents).
  • Applied knowledge of the ISO/IEC 27001, NIST Cybersecurity Framework, and CIS Controls frameworks.
  • Experience with automation using Python, Bash, or PowerShell.
  • Proficiency with Windows and Linux environments.
  • Knowledge of Cloud environments (AWS, Azure, or OCI).
  • Technical autonomy and resilience to make decisions under resource constraints or crisis scenarios.
  • Highly collaborative profile and orientation toward solving complex problems.
  • Excellent verbal and written communication to interact with both technical and executive (non-technical) audiences.
  • Commitment to documentation and knowledge dissemination.
  • Differential:
  • Advanced knowledge of regex and building custom parsers.
  • Recognized certifications in Information Security (e.g., CISSP, CISM, CompTIA CySA+, Security+, eLearnSecurity).
  • Practical knowledge of the Brazilian General Data Protection Law (LGPD) applied to log management and security monitoring.
  • Experience in Operational Technology (OT) / industrial environments.

Benefits

Comp & perks
  • Life insurance;
  • Health and dental insurance;
  • On-site cafeteria/restaurant;
  • Transportation voucher or dedicated company shuttle for employees - specific routes;
  • Portobello Corporate University platform;
  • On-site medical clinic;
  • Workplace exercise program (ginástica laboral);
  • Profit Sharing (PPR);
  • Discounts at local pharmacies;
  • Free parking;
  • Private pension plan;
  • Union membership;
  • Discount network - partnerships with various educational institutions;
  • Discounts on Portobello product purchases;
  • Vacation bonus (Abono Férias);
  • "Mother Support" allowance - to purchase baby layette;
  • Childcare allowance;
  • Assistance for dependents with disabilities (PCD dependents);
  • Professional training and development programs;
  • Wellhub and many more!!!

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SIEM ArchitectureEvent CorrelationDetection EngineeringVulnerability Management ToolsNext-Generation Firewalls (NGFW)ISO/IEC 27001NIST Cybersecurity FrameworkCIS ControlsWindows AdministrationLinux Administration
Soft Skills
Technical LeadershipCollaborationProblem-SolvingCommunicationMentoring
Certifications
CISSPCISMCompTIA CySA+Security+ELearnSecurity