This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Analista de Segurança da Informação Pleno — Gestão de Vulnerabilidades e Identidades based in Brazil.
This opportunity is ideal for an information security professional who is passionate about protecting critical business environments through effective vulnerability management and identity governance. In this role, you will help strengthen cybersecurity operations by monitoring vulnerabilities, managing identity and access controls, and supporting incident response activities. Working closely with technical and business teams, you will contribute to maintaining a secure, compliant, and resilient IT environment while continuously improving operational processes. The position offers exposure to modern security technologies, collaborative cross-functional work, and ongoing professional development in a dynamic organization that values innovation and operational excellence.
Accountabilities:
- Execute the organization's vulnerability management lifecycle, including vulnerability assessment, risk-based prioritization, remediation tracking, and coordination with Infrastructure, Systems, and other technical teams.
- Maintain and enhance operational dashboards, remediation workbooks, security metrics, and SLA tracking to support continuous visibility into security posture.
- Operate Identity and Access Management (IAM) processes, including user provisioning and deprovisioning, privilege management, periodic access reviews, and multi-factor authentication (MFA) administration.
- Support corporate access review campaigns and segregation of duties (SoD) validation activities.
- Monitor, classify, and investigate security alerts generated by cybersecurity platforms within the assigned scope.
- Perform initial security incident triage, analysis, and structured escalation when advanced investigation is required.
- Prepare recurring operational reports and security performance indicators.
- Develop and maintain technical documentation, operational procedures, and process documentation to support security operations.
Requirements
- Professional experience in Information Security, Infrastructure, Systems Administration, or related technical fields with a focus on cybersecurity.
- Hands-on experience with vulnerability management processes and industry-standard vulnerability scanning solutions such as Qualys, Tenable, Rapid7, or similar platforms.
- Solid knowledge of Active Directory, Identity and Access Management (IAM), Single Sign-On (SSO), and Multi-Factor Authentication (MFA).
- Experience monitoring and triaging security events using SIEM platforms.
- Good understanding of TCP/IP networking, network segmentation, and communication protocols.
- Basic administration experience with Windows and Linux environments.
- Strong analytical and problem-solving skills with excellent attention to detail and documentation quality.
- Well-organized, process-oriented, and capable of working effectively with standardized operational procedures.
- Strong communication skills with the ability to collaborate across technical and business teams.
- Commitment to continuous learning and professional development.
Preferred Qualifications
- Experience with Wazuh, Elastic Stack (ELK), or other open-source SIEM platforms.
- Knowledge of ISO/IEC 27001 and CIS Controls frameworks.
- Understanding of LGPD requirements related to identity management, log management, and personal data protection.
- Basic scripting skills using PowerShell, Bash, or Python for automation.
- Entry-level Information Security certifications such as CompTIA Security+, CySA+, or Microsoft SC-900/SC-300.
Benefits
- Comprehensive health and dental insurance.
- Life insurance.
- Profit Sharing Program (PPR).
- Private pension plan.
- Corporate learning platform with ongoing training and development opportunities.
- Pharmacy discounts.
- Educational partnership discounts.
- Employee discounts on company products.
- Vacation bonus.
- Maternity assistance for newborn essentials.
- Childcare assistance.
- Support for dependents with disabilities.
- Wellhub membership and additional wellness initiatives.
- Professional development and career growth programs.