Positivo Tecnologia

Information Security Analyst – Senior

Positivo Tecnologia

full-time

Posted on:

Location Type: Hybrid

Location: ManausBrazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureDockerGoogle Cloud PlatformKubernetes

About the role

  • Implement, test, and operate advanced software security techniques in accordance with the organization's secure development policy.
  • Perform continuous security testing on code, websites, and portals, tracking and coordinating fixes with the responsible teams.
  • Maintain security governance by reviewing and improving policies, procedures, standards, and technical guidance.
  • Monitor and maintain security indicators (KRIs and KPIs), producing reports and recommendations for improvement.
  • Actively participate in software requirements analysis, defining security actions from the early stages of projects.
  • Anticipate vulnerabilities and propose preventive measures during the application design phase.
  • Address and mitigate security issues in code, promoting fixes and secure coding best practices.
  • Ensure closure of the security cycle during the maintenance phase by continuously assessing and monitoring systems.
  • Design secure architectures for systems and applications.
  • Review, propose, and maintain information security policies, standards, and procedures.
  • Ensure compliance with frameworks (ISO 27001, PCI, NIST, SABSA) and with the LGPD (Brazilian Data Protection Law).

Requirements

  • Bachelor's degree in Information Systems, Computer Science, Computer Engineering, or a related field.
  • Previous experience in application security, vulnerability analysis, penetration testing (pentest), and enforcing security policies.
  • Ability to work collaboratively with development, infrastructure, and compliance teams.
  • Experience with DevSecOps, CI/CD, and automation of security testing.
  • Knowledge of secure development methodologies (SSDLC).
  • Familiarity with security frameworks (ISO 27001, NIST, OWASP SAMM, etc.).
  • Certifications such as CEH, CompTIA Security+, ISO 27001 Foundation, OWASP, or similar.
  • Knowledge of cloud security (AWS, Azure, GCP) and containers (Docker, Kubernetes).
Benefits
  • Meal allowance (no deduction).
  • Transportation allowance (no deduction).
  • Life insurance: group life insurance.
  • Health plan.
  • Psychological support.
  • Nutrition services.
  • Pharmacy discounts.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securityvulnerability analysispenetration testingsecure development methodologiesDevSecOpsCI/CDsecurity testing automationsecure coding best practicescloud securitycontainers
Soft Skills
collaborationcommunicationproblem-solvinganalytical thinking
Certifications
CEHCompTIA Security+ISO 27001 FoundationOWASP