Quiero Alpargatas

Information Security Specialist

Quiero Alpargatas

full-time

Posted on:

Location Type: Hybrid

Location: São PauloBrazil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud Platform

About the role

  • Serve as a technical reference in Information Security;
  • Lead response to critical incidents, acting as technical lead in crisis situations;
  • Provide direct, ongoing technical support to analysts, with a hands-on role in investigations, troubleshooting and advanced analysis;
  • Act as a Security Champion in corporate projects, assessing risks, defining security requirements and validating architectures;
  • Ability to assess cyber risks in OT environments without operational impact, prioritizing availability, safety and business continuity;
  • Knowledge of industrial architectures, including the Purdue Model, definition of zones and conduits, and IT/OT network segmentation;
  • Work in Cloud Security with a focus on IAM, logging, security posture and native controls;
  • Define, operate and optimize WAF and application/API security, mitigating OWASP Top 10 risks;
  • Carry out and direct Cyber Threat Intelligence (CTI) activities, correlating threats, campaigns and TTPs with business impact;
  • Technically lead takedown processes, brand protection and digital fraud mitigation;
  • Work collaboratively with antifraud, risk, legal and business areas;
  • Support and evolve vulnerability management processes, prioritizing risks based on operational and business impact.

Requirements

  • Postgraduate degree in Information Security, Cybersecurity, Cyber Defense, Security Engineering, Risk Management, Governance or related fields;
  • Experience in Information Security or Cybersecurity;
  • Experience with EDR/XDR, SIEM and SOAR, with a focus on continuous improvement of use cases, automation and reduction of operational risk;
  • Advanced knowledge of Cloud Security (AWS, Azure or GCP), with the ability to evaluate architectures, risks and security controls in critical environments;
  • Experience with WAF, application and API security, defining preventive controls aligned to business risk;
  • Solid knowledge of network security, segmentation, access control and protection of hybrid environments;
  • Practical experience in Cyber Threat Intelligence (CTI), with the ability to turn intelligence into strategic defense decisions;
  • Applied knowledge of Cyber OT, including the Purdue Model, zones and conduits, with focus on operational risk, safety and business continuity;
  • Knowledge of ICS/SCADA and industrial protocols;
  • Applied knowledge of frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, IEC 62443 and PCI DSS, using them as a basis for decision-making and prioritization;
  • Advanced English, with the ability to participate in and lead technical and executive meetings with international teams.
Benefits
  • Health plan
  • Dental plan
  • Life insurance
  • Wellhub
  • Meal voucher
  • Discount on Havaianas products
  • Birthday day off
  • Transportation allowance
  • Private pension plan
  • Profit Sharing (PLR)
  • Courses, training and other development activities through ALU (Alpa Learning Universe), our corporate university
  • Flexible on-site work model (minimum 3x per week in the office)
  • Flexible hours
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information SecurityCybersecurityCloud SecurityIAMWAFAPI securityCyber Threat IntelligenceEDRXDRSIEM
Soft Skills
leadershipcollaborationcommunicationanalytical thinkingproblem-solvingrisk assessmentstrategic decision-makingtechnical supportincident responsecrisis management