Security Tech Lead
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Tech Lead managing information security initiatives to protect data and systems. Leading and supporting the adoption of secure practices across teams and gaining client trust.
Responsibilities:
- Assess risks in systems, cloud environments, internal processes and new projects;
- Conduct continuous security assessments of infrastructure and applications;
- Propose and follow up on action plans to improve security maturity;
- Ensure compliance with LGPD, ISO/IEC 27001 and other applicable frameworks;
- Develop and maintain Information Security policies, standards and procedures;
- Support business continuity and disaster recovery initiatives;
- Prepare reports and provide evidence for audits and compliance assessments;
- Support the implementation and evolution of security tools such as SIEM, WAF, IDS/IPS, EDR, DLP and vulnerability management solutions;
- Establish monitoring, detection and incident response processes;
- Coordinate security investigations and simulation exercises;
- Ensure security best practices in cloud environments (AWS and OCI), including access management, encryption, backups and automations;
- Collaborate with Engineering and DevOps teams to implement DevSecOps practices and security in CI/CD pipelines;
- Define security and privacy-by-design standards for products and infrastructure;
- Manage IAM-related controls, including MFA, SSO, RBAC and periodic access reviews;
- Ensure traceability, segregation of duties and privileged access governance;
- Support the adoption and governance of PAM/password vault solutions;
- Participate in defining security requirements for SaaS/PaaS products;
- Perform application vulnerability analysis using SAST, DAST and interpret pentest results;
- Promote secure development practices and share references such as the OWASP Top 10 with technical teams;
- Conduct security training and awareness initiatives;
- Act as a technical authority for different areas of the company;
- Define a security roadmap aligned with business strategy;
- Support architecture decisions, risk prioritization and security investments;
- Serve as the technical focal point for audits, RFPs and security questionnaires;
- Support commercial, customer service and pre-sales teams in communicating the company’s security practices.
Requirements:
- Bachelor's degree in Computer Science, Computer Engineering or related fields;
- Solid experience in Information Security, preferably in SaaS, PaaS or cloud environments;
- Knowledge of frameworks and standards such as ISO/IEC 27001, NIST, LGPD, SOC 2 and OWASP;
- Experience with cloud environments (AWS and/or OCI), CI/CD, DevSecOps and IAM;
- Hands-on experience with SIEM, WAF, EDR, vulnerability management and PAM tools;
- Experience with external audits and meeting customer security requirements;
- Good communication skills with both technical and non-technical audiences;
- Analytical, organized and continuously improvement-oriented profile.
Benefits:
- Meal allowance;
- Food allowance;
- SulAmérica health insurance;
- Care Plus dental coverage;
- Wellhub;
- Psicologia Viva;
- Conexa Saúde;
- Birthday day off;
- Home office allowance;
- Partnership with SESC;
- Life insurance.
Similar Jobs
Compliance/Security Officer
Compliance Officer overseeing comprehensive compliance program while ensuring adherence to federal and state laws. Leading policies, audits, and risk assessments in a healthcare context.
Director of Security
Director of Security responsible for information security and compliance for Crete Professionals Alliance. Leading a team, managing risk, and integrating security processes across the organization.
Security Engineer
Information Security Engineer managing endpoint defense, security awareness, and operations. Collaborating to enhance the security program within FMG's remote IT environment.
Senior Supply Chain Security Engineer
Senior Supply Chain Security Engineer developing Docker's security-hardened images and managing Helm charts. Collaborating on upstream OSS projects and ensuring compatibility with Kubernetes and security guidelines.
Enterprise Security Engineer
Enterprise Security Engineer at Benchling focusing on building a security program and implementing zero trust strategies for sensitive data protection.
Head of Security Research
Head of Security Research leading a team of security experts at Dropzone AI. Overseeing threat intelligence, detection engineering, and building an elite security team.
Information Systems Security Manager
IT Security Manager leading security professionals to protect sensitive data and ensure compliance. Overseeing cybersecurity policies, incident response, and risk management frameworks.
IT Business Partner, Enterprise Solutions – Real Estate and Corporate Security Platforms
Business Partnering role focused on leading business analysis for Real Estate and Corporate Security technology at Fresenius Medical Care. Collaborating with business owners to define and manage digital strategy and roadmap.
Cybersecurity Engineer II
Mid-level Cybersecurity Engineer responsible for identity security and cloud platforms. Supporting compliance with CMMC and NIST across various government environments.
FP&A Director, Security
FP&A Director overseeing P&L accountability and financial analysis for Cobalt’s security business. Driving key operating decisions and contributing to M&A deals.
Senior Corporate Security Engineer
Corporate Security Engineer handling IT and cloud security for Juniper Square, focusing on threat detection, incident response, and security tooling management.
Security Engineer – Threat Detection
Security Engineer at Snowflake enhancing threat detection capabilities utilizing AI and automation, collaborating across Security and Engineering teams.
Senior AI Security Engineer, Cyber Architecture, OT and Engineering
Sr. Agentic AI Engineer designing, building, and operationalizing agentic AI systems at EY. Working on multi-agent frameworks and intelligent automation to enhance cybersecurity posture.
Senior Security Architect
Remote Sr. Security Architect at Alkami, enabling secure business practices with proactive security initiatives and collaboration across teams in a growing SaaS environment.
Information Security Officer
Information Security Officer at SmartestEnergy Limited shaping ISO 27001:2022 across a global business landscape. Driving governance, risk management, compliance, and security best practices in a collaborative environment.
Network Security Engineer
Network Security Engineer designing, implementing, and maintaining secure network infrastructures at SOFTSWISS. Strengthening corporate security and improving standards in iGaming services.
Senior Solutions Director – Security
Sr Solutions Director directing Security solutions strategy at ePlus. Leading go-to-market plans for innovative Security technology solutions.
Distinguished Engineer, Cybersecurity
Senior leader overseeing cybersecurity and data solutions at Nagarro. Driving innovation, strategy, and client engagement across various domains and industries.
Senior Security Administrator
Senior Security Administrator supporting SaaS/cloud customers with security configurations and troubleshooting. Collaborating with an expert team to ensure system security.
Freelance WordPress, Security, HIPAA Compliance Consultant
Freelance consultant auditing WordPress website for HIPAA compliance risks. Requires 4-5 years of experience in WordPress security and HIPAA compliance.