Tegma Gestão Logística S.A.

Information Security Specialist I

Tegma Gestão Logística S.A.

full-time

Posted on:

Location Type: Hybrid

Location: São Bernardo do CampoBrasil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureGoogle Cloud Platform

About the role

  • Work in the Information Security area ensuring protection of information assets, compliance of technology environments and mitigation of cyber risks through implementation, monitoring and continuous improvement of controls, policies and processes, ensuring the integrity, confidentiality and availability of corporate and operational information.
  • Implement, monitor and improve information security controls according to standards and frameworks (ISO 27001, NIST, CIS Controls, LGPD).
  • Perform vulnerability analysis and remediation, applying mitigation plans and tracking identified risks.
  • Support internal and external security audits, ensuring compliance with regulatory, corporate and legal requirements.
  • Manage security incidents, conducting investigations, root cause analysis and corrective actions.
  • Develop, review and maintain information security policies, standards and procedures.
  • Evaluate and recommend security technology solutions (firewall, EDR, DLP, CASB, IAM, SIEM, among others), ensuring control effectiveness.
  • Support infrastructure and systems projects, ensuring security requirements are incorporated from design through deployment.
  • Conduct awareness campaigns and training on information security for employees and partners.
  • Monitor trends, emerging threats and technological innovations in cybersecurity, proposing continuous improvements.
  • Act as a technical lead within the team, supporting mid-level and junior colleagues, sharing knowledge and best practices.

Requirements

  • Bachelor's degree in Information Technology, Information Security, Computer Science, Information Systems or related fields.
  • Postgraduate degree or certifications in the field will be considered a plus.
  • Certifications such as ISO 27001 Lead Implementer/Auditor, CompTIA Security+, CEH, Cisco CCNA Security, GIAC, AZ-500, SC-900, among others.
  • Solid experience in Information Security, working with implementation, monitoring and improvement of security controls.
  • Practical experience with frameworks and standards such as ISO 27001, NIST, CIS Controls and LGPD requirements.
  • Proven experience in incident management and response, vulnerability analysis and risk mitigation.
  • Participation in internal and external security audits (compliance, regulatory, legal).
  • Experience as a technical reference, supporting teams and disseminating best practices.
  • Familiarity with security tools and solutions: Firewall, EDR, DLP, CASB, IAM, SIEM, among others.
  • Cyber risk management, security policies and procedures.
  • Hardening, network security, infrastructure best practices and endpoint protection.
  • Technical threat analysis, incident investigation, evidence collection and documentation.
  • Best security practices in on-premises and cloud environments (AWS, Azure or GCP).
  • Knowledge of cryptography, authentication, access control and identity.
  • Experience in security awareness campaigns and training.
  • Analytical mindset and ability to make risk-based decisions; clear communication for interaction with technical and non-technical areas; proactivity to identify continuous improvement opportunities; collaborative attitude and ability to act as a technical mentor within the team; attention to detail, ethics and confidentiality in conducting activities.
  • Previous experience in large corporate environments or regulated sectors.
  • Availability to work on-site in São Bernardo do Campo — 3 days per week.
Benefits
  • Medical Assistance
  • Dental Assistance
  • Meal Allowance
  • On-site Cafeteria
  • Transportation Voucher
  • Pet Health Plan
  • Wellhub + Wellz
  • Partnerships with Educational Institutions
  • "Programa Fica Bem" — guidance for legal, psychological and financial matters
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information securityvulnerability analysisincident managementrisk mitigationsecurity policiesnetwork securitytechnical threat analysiscloud securitycryptographyaccess control
Soft Skills
analytical mindsetclear communicationproactivitycollaborative attitudeattention to detailethicsmentoringcontinuous improvementproblem-solvingleadership
Certifications
ISO 27001 Lead ImplementerISO 27001 AuditorCompTIA Security+CEHCisco CCNA SecurityGIACAZ-500SC-900