71 Empregos para Certified Information Systems Security Professional - Brasil

Job Title: IT Security Engineer

Level: Junior | Mid Level

Working Hours: Full Time(40h/Week)

Contract: CLT (Brazil)

Location: LATAM, Brazil

Your Team

You will report to our Head of Security and join the Security team. On TheOrg you can view the complete structure of our organisation, including information about every team member, hiring managers and the size of each department.

Who We Are Looking For

The IT Security Engineer plays a key role at the intersection of cybersecurity and IT operations. This position supports day-to-day IT and security functions, contributes to compliance and governance initiatives, and assists in strengthening the organisation's security posture. The ideal candidate is a hands-on problem solver who is comfortable working across infrastructure, cloud, identity, and security domains.

Mandatory Hard Skills

• Solid understanding of Identity and Access Management (IAM) principles and practices.
• Knowledge of compliance frameworks and regulations such as ISO 27001, SOC 2, GDPR/LGPD, NIST, etc.
• Familiarity with cloud platforms (AWS, Azure, or GCP) and their associated security risks and controls.
• Exposure to endpoint management, MDM solutions, and IT support tools.
• Exposure to security operations, monitoring tools (e.g., SIEM, EDR), and incident response processes.
• Strong problem-solving skills and ability to work cross-functionally with different teams.
• Advanced English for collaborating with remote team members and customers.

Desirable Hard Skills

• IT and cybersecurity certifications are a plus, but not required.
• Scripting skills with languages such as Python, PowerShell, Go, and/or Bash.

Soft Skills

• Passion: Genuine enthusiasm for what you do and how it contributes to our company's mission;
• Dream: Proactively seek out opportunities and challenges to achieve extraordinary results. If you're someone who takes initiative and is always striving to improve, you'll fit right in;
• Own: Take ownership of your work, set high standards for yourself, and be accountable for outcomes demonstrating a strong sense of responsibility and commitment;
• Trust: Recognizing the importance of trust and support and actively working towards a collaborative and inclusive workplace;
• Share: Communicating openly and transparently, ensures clarity and honesty in interactions.

What You'll Do

• Support compliance and audit activities by collecting evidence, maintaining documentation, and ensuring security controls are in place.
• Perform regular user access reviews and enforce identity and access management (IAM) policies.
• Administer and manage Mobile Device Management (MDM) platforms, endpoint security tools, and related IT systems.
• Participate in blue team activities, including security monitoring, incident response, and threat analysis.
• Assist with cloud security reviews, configuration hardening, and monitoring.
• Provide IT support for security-related tasks, such as endpoint onboarding, secure configuration, and troubleshooting.
• Collaborate with engineering, compliance and other teams to implement security best practices and resolve technical issues.
• Contribute to the development and maintenance of security documentation, policies, and procedures.

Benefits

• Fully Remote & Flexible Working Hours
• Flexible Paid Time Off, Holidays and Vacation
• Company Laptop
• Remote Benefit
• iTalki, Courses and Books
• Stock Options
• Multicultural Environment
• Vibrant Company Culture

Check out our handbook to dive into each of our awesome benefits! At Rocket.Chat, we have tailored base pay ranges according to work locations. This approach ensures that we can competitively and consistently compensate our employees across different geographic markets.

• While we define an initial seniority level and budget for each role, this can be adjusted during the hiring process. The selection process itself — including interviews and assessments — helps us better understand where the candidate fits within our career framework and which grade they should be positioned in.
• To ensure fairness and consistency, all applications are accepted exclusively via our Careers site. Submissions through other channels will not be taken into consideration.

About Rocket.Chat

Rocket.Chat is the world's largest open-source communications platform. Built for organizations needing more control over their communications, Rocket.Chat Secure CommsOS is a communication platform that unifies messaging, voice, video, AI, and mission-critical applications—ensuring uncompromising security, compliance, and operational efficiency for governments, defense, and critical infrastructure organizations operating in highly-regulated environments.

Tens of millions of users in over 150 countries and organizations such as Deutsche Bahn, the U.S. Navy and Credit Suisse trust Rocket.Chat every day to keep their communications completely private and secure. As Rocket.Chat we believe in reconnecting the world, one conversation at a time!

See yourself in that? So apply now! Check out our handbook for more information about our rocket.

Overview

Join to apply for the IT Security Engineer role at Rocket.Chat .

• Support compliance and audit activities by collecting evidence, maintaining documentation, and ensuring security controls are in place.
• Perform regular user access reviews and enforce identity and access management (IAM) policies.
• Administer and manage Mobile Device Management (MDM) platforms, endpoint security tools, and related IT systems.
• Participate in blue team activities, including security monitoring, incident response, and threat analysis.
• Assist with cloud security reviews, configuration hardening, and monitoring.
• Provide IT support for security-related tasks, such as endpoint onboarding, secure configuration, and troubleshooting.
• Collaborate with engineering, compliance and other teams to implement security best practices and resolve technical issues.
• Contribute to the development and maintenance of security documentation, policies, and procedures.

• Solid understanding of Identity and Access Management (IAM) principles and practices.
• Knowledge of compliance frameworks and regulations such as ISO 27001, SOC 2, GDPR/LGPD, NIST, etc.
• Familiarity with cloud platforms (AWS, Azure, or GCP) and their associated security risks and controls.
• Exposure to endpoint management, MDM solutions, and IT support tools.
• Exposure to security operations, monitoring tools (e.g., SIEM, EDR), and incident response processes.
• Strong problem-solving skills and ability to work cross-functionally with different teams.
• Advanced English for collaborating with remote team members and customers.

• IT and cybersecurity certifications are a plus, but not required.
• Scripting skills with languages such as Python, PowerShell, Go, and/or Bash.

• Passion: Genuine enthusiasm for what you do and how it contributes to our company's mission.
• Dream: Proactively seek out opportunities and challenges to achieve extraordinary results. If you’re someone who takes initiative and is always striving to improve, you’ll fit right in.
• Own: Take ownership of your work, set high standards for yourself, and be accountable for outcomes demonstrating a strong sense of responsibility and commitment.
• Trust: Recognizing the importance of trust and support and actively working towards a collaborative and inclusive workplace.
• Share: Communicating openly and transparently, ensures clarity and honesty in interactions.

• Job Title: IT Security Engineer
• Level: Junior | Mid Level
• Working Hours: Full Time (40h/Week)
• Contract: Contractor
• Location: LATAM, Brazil

Rocket.Chat is the world's largest open-source communications platform. Built for organizations needing more control over their communications, Rocket.Chat Secure CommsOS is a communication platform that unifies messaging, voice, video, AI, and mission-critical applications—ensuring uncompromising security, compliance, and operational efficiency for governments, defense, and critical infrastructure organizations operating in highly-regulated environments.

Tens of millions of users in over 150 countries and organizations such as Deutsche Bahn, the U.S. Navy and Credit Suisse trust Rocket.Chat every day to keep their communications completely private and secure. As Rocket.Chat we believe in reconnecting the world, one conversation at a time!

Check out our handbook to dive into each of our awesome benefits! At Rocket.Chat, we have tailored base pay ranges according to work locations. This approach ensures that we can competitively and consistently compensate our employees across different geographic markets.

While we define an initial seniority level and budget for each role, this can be adjusted during the hiring process. All applications are accepted exclusively via our Careers site. Submissions through other channels will not be taken into consideration.

Join to apply for the IT Security Engineer role at Rocket.Chat .

You will report to our Head of Security and join the Security team. On TheOrg you can view the complete structure of our organisation, including information about every team member, hiring managers and the size of each department.

The IT Security Engineer plays a key role at the intersection of cybersecurity and IT operations. This position supports day-to-day IT and security functions, contributes to compliance and governance initiatives, and assists in strengthening the organisation’s security posture. The ideal candidate is a hands-on problem solver who is comfortable working across infrastructure, cloud, identity, and security domains.

• Support compliance and audit activities by collecting evidence, maintaining documentation, and ensuring security controls are in place.
• Perform regular user access reviews and enforce identity and access management (IAM) policies.
• Administer and manage Mobile Device Management (MDM) platforms, endpoint security tools, and related IT systems.
• Participate in blue team activities, including security monitoring, incident response, and threat analysis.
• Assist with cloud security reviews, configuration hardening, and monitoring.
• Provide IT support for security-related tasks, such as endpoint onboarding, secure configuration, and troubleshooting.
• Collaborate with engineering, compliance and other teams to implement security best practices and resolve technical issues.
• Contribute to the development and maintenance of security documentation, policies, and procedures.

• Solid understanding of Identity and Access Management (IAM) principles and practices.
• Knowledge of compliance frameworks and regulations such as ISO 27001, SOC 2, GDPR/LGPD, NIST, etc.
• Familiarity with cloud platforms (AWS, Azure, or GCP) and their associated security risks and controls.
• Exposure to endpoint management, MDM solutions, and IT support tools.
• Exposure to security operations, monitoring tools (e.g., SIEM, EDR), and incident response processes.
• Strong problem-solving skills and ability to work cross-functionally with different teams.
• Advanced English for collaborating with remote team members and customers.
• IT and cybersecurity certifications are a plus, but not required.
• Scripting skills with languages such as Python, PowerShell, Go, and/or Bash.
• Values: Passion, Ownership, Trust, and Collaboration to support a healthy security culture.

• Fully Remote & Flexible Working Hours
• Flexible Paid Time Off, Holidays and Vacation
• Company Laptop
• iTalki, Courses and Books
• Stock Options
• Vibrant Company Culture

Note: We tailor base pay ranges according to work locations to competently compensate employees across geographic markets. While we define an initial seniority level and budget for each role, this can be adjusted during the hiring process. The selection process — including interviews and assessments — helps us better understand where the candidate fits within our career framework and which grade they should be positioned in.

Rocket.Chat is the world's largest open-source communications platform. Built for organizations needing more control over their communications, Rocket.Chat Secure CommsOS is a platform that unifies messaging, voice, video, AI, and mission-critical applications—ensuring security, compliance, and operational efficiency for governments, defense, and critical infrastructure organizations operating in highly-regulated environments.

Tens of millions of users in over 150 countries rely on Rocket.Chat daily. See yourself in that? Apply now and explore our handbook for more information about our culture and benefits.

• Seniority level: Entry level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Software Development

Join to apply for the IT Security Engineer role at Rocket.Chat .

You will report to our Head of Security and join the Security team. On TheOrg you can view the complete structure of our organisation, including information about every team member, hiring managers and the size of each department.

The IT Security Engineer plays a key role at the intersection of cybersecurity and IT operations. This position supports day-to-day IT and security functions, contributes to compliance and governance initiatives, and assists in strengthening the organisation’s security posture. The ideal candidate is a hands-on problem solver who is comfortable working across infrastructure, cloud, identity, and security domains.

• Support compliance and audit activities by collecting evidence, maintaining documentation, and ensuring security controls are in place.
• Perform regular user access reviews and enforce identity and access management (IAM) policies.
• Administer and manage Mobile Device Management (MDM) platforms, endpoint security tools, and related IT systems.
• Participate in blue team activities, including security monitoring, incident response, and threat analysis.
• Assist with cloud security reviews, configuration hardening, and monitoring.
• Provide IT support for security-related tasks, such as endpoint onboarding, secure configuration, and troubleshooting.
• Collaborate with engineering, compliance and other teams to implement security best practices and resolve technical issues.
• Contribute to the development and maintenance of security documentation, policies, and procedures.

• Solid understanding of Identity and Access Management (IAM) principles and practices.
• Knowledge of compliance frameworks and regulations such as ISO 27001, SOC 2, GDPR/LGPD, NIST, etc.
• Familiarity with cloud platforms (AWS, Azure, or GCP) and their associated security risks and controls.
• Exposure to endpoint management, MDM solutions, and IT support tools.
• Exposure to security operations, monitoring tools (e.g., SIEM, EDR), and incident response processes.
• Strong problem-solving skills and ability to work cross-functionally with different teams.
• Advanced English for collaborating with remote team members and customers.
• IT and cybersecurity certifications are a plus, but not required.
• Scripting skills with languages such as Python, PowerShell, Go, and/or Bash.
• Values: Passion, Ownership, Trust, and Collaboration to support a healthy security culture.

• Fully Remote & Flexible Working Hours
• Flexible Paid Time Off, Holidays and Vacation
• Company Laptop
• iTalki, Courses and Books
• Stock Options
• Vibrant Company Culture

Note: We tailor base pay ranges according to work locations to competently compensate employees across geographic markets. While we define an initial seniority level and budget for each role, this can be adjusted during the hiring process. The selection process — including interviews and assessments — helps us better understand where the candidate fits within our career framework and which grade they should be positioned in.

Rocket.Chat is the world's largest open-source communications platform. Built for organizations needing more control over their communications, Rocket.Chat Secure CommsOS is a platform that unifies messaging, voice, video, AI, and mission-critical applications—ensuring security, compliance, and operational efficiency for governments, defense, and critical infrastructure organizations operating in highly-regulated environments.

Tens of millions of users in over 150 countries rely on Rocket.Chat daily. See yourself in that? Apply now and explore our handbook for more information about our culture and benefits.

• Seniority level: Entry level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Software Development

Overview

Join to apply for the IT Security Engineer role at Rocket.Chat .

You will report to our Head of Security and join the Security team. On TheOrg you can view the complete structure of our organisation, including information about every team member, hiring managers and the size of each department.

• Support compliance and audit activities by collecting evidence, maintaining documentation, and ensuring security controls are in place.
• Perform regular user access reviews and enforce identity and access management (IAM) policies.
• Administer and manage Mobile Device Management (MDM) platforms, endpoint security tools, and related IT systems.
• Participate in blue team activities, including security monitoring, incident response, and threat analysis.
• Assist with cloud security reviews, configuration hardening, and monitoring.
• Provide IT support for security-related tasks, such as endpoint onboarding, secure configuration, and troubleshooting.
• Collaborate with engineering, compliance and other teams to implement security best practices and resolve technical issues.
• Contribute to the development and maintenance of security documentation, policies, and procedures.
• Fully Remote & Flexible Working Hours
• Flexible Paid Time Off, Holidays and Vacation
• Company Laptop
• iTalki, Courses and Books
• Stock Options
• Vibrant Company Culture

• Solid understanding of Identity and Access Management (IAM) principles and practices.
• Knowledge of compliance frameworks and regulations such as ISO 27001, SOC 2, GDPR/LGPD, NIST, etc.
• Familiarity with cloud platforms (AWS, Azure, or GCP) and their associated security risks and controls.
• Exposure to endpoint management, MDM solutions, and IT support tools.
• Exposure to security operations, monitoring tools (e.g., SIEM, EDR), and incident response processes.
• Strong problem-solving skills and ability to work cross-functionally with different teams.
• Advanced English for collaborating with remote team members and customers.
• IT and cybersecurity certifications are a plus, but not required.
• Scripting skills with languages such as Python, PowerShell, Go, and/or Bash.
• Passion, drive, ownership, trust, and a collaborative mindset aligned with Rocket.Chat values.

• Entry level

• Full-time

• Information Technology

• Software Development

Rocket.Chat is the world's largest open-source communications platform. Built for organizations needing more control over their communications, Rocket.Chat Secure CommsOS is a communication platform that unifies messaging, voice, video, AI, and mission-critical applications—ensuring uncompromising security, compliance, and operational efficiency for governments, defense, and critical infrastructure organizations operating in highly-regulated environments.

Tens of millions of users in over 150 countries and organizations such as Deutsche Bahn, the U.S. Navy and Credit Suisse trust Rocket.Chat every day to keep their communications completely private and secure. As Rocket.Chat we believe in reconnecting the world, one conversation at a time!

So apply now! Check out our handbook for more information about our rocket.

Join to apply for the IT Security Engineer role at Rocket.Chat

You will report to our Head of Security and join the Security team. On TheOrg you can view the complete structure of our organisation, including information about every team member, hiring managers and the size of each department.

The IT Security Engineer plays a key role at the intersection of cybersecurity and IT operations. This position supports day-to-day IT and security functions, contributes to compliance and governance initiatives, and assists in strengthening the organisation’s security posture. The ideal candidate is a hands-on problem solver who is comfortable working across infrastructure, cloud, identity, and security domains.

• Support compliance and audit activities by collecting evidence, maintaining documentation, and ensuring security controls are in place.
• Perform regular user access reviews and enforce identity and access management (IAM) policies.
• Administer and manage Mobile Device Management (MDM) platforms, endpoint security tools, and related IT systems.
• Participate in blue team activities, including security monitoring, incident response, and threat analysis.
• Assist with cloud security reviews, configuration hardening, and monitoring.
• Provide IT support for security-related tasks, such as endpoint onboarding, secure configuration, and troubleshooting.
• Collaborate with engineering, compliance and other teams to implement security best practices and resolve technical issues.
• Contribute to the development and maintenance of security documentation, policies, and procedures.

• Solid understanding of Identity and Access Management (IAM) principles and practices.
• Knowledge of compliance frameworks and regulations such as ISO 27001, SOC 2, GDPR/LGPD, NIST, etc.
• Familiarity with cloud platforms (AWS, Azure, or GCP) and their associated security risks and controls.
• Exposure to endpoint management, MDM solutions, and IT support tools.
• Exposure to security operations, monitoring tools (e.g., SIEM, EDR), and incident response processes.
• Strong problem-solving skills and ability to work cross-functionally with different teams.
• Advanced English for collaborating with remote team members and customers.
• IT and cybersecurity certifications are a plus, but not required.
• Scripting skills with languages such as Python, PowerShell, Go, and/or Bash.

• Fully Remote & Flexible Working Hours
• Flexible Paid Time Off, Holidays and Vacation
• Company Laptop
• iTalki, Courses and Books
• Stock Options
• Vibrant Company Culture

Check out our handbook to dive into each of our awesome benefits! At Rocket.Chat, we have tailored base pay ranges according to work locations. This approach ensures that we can competitively and consistently compensate our employees across different geographic markets.

Note: While we define an initial seniority level and budget for each role, this can be adjusted during the hiring process. The selection process itself — including interviews and assessments — helps us better understand where the candidate fits within our career framework and which grade they should be positioned in.

Rocket.Chat is the world's largest open-source communications platform. Built for organizations needing more control over their communications, Rocket.Chat Secure CommsOS is a communication platform that unifies messaging, voice, video, AI, and mission-critical applications—ensuring uncompromising security, compliance, and operational efficiency for governments, defense, and critical infrastructure organizations operating in highly-regulated environments.

Tens of millions of users in over 150 countries and organizations such as Deutsche Bahn, the U.S. Navy and Credit Suisse trust Rocket.Chat every day to keep their communications completely private and secure. As Rocket.Chat we believe in reconnecting the world, one conversation at a time!

Check out our handbook for more information about our rocket.

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Conduct initial reviews of application readiness tickets


• Facilitate accuracy of technology and design information


• Communicate with customers to clarify questions and issues


• Collaborate with risk managers to address IT security concerns


• Document progress and updates in the ticketing system


• Guide next steps and set up necessary meetings


• Maintain attention to detail in every review


• Foster resilient relationships with team members and clients

Management level

• Senior Associate

When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills.

As part of the Cybersecurity team you review Application Readiness Risk Review tickets to assess technology and design information accuracy. As a Senior Associate, you guide the initial review process, collaborating with AR Risk Managers and AppSec Architects to address IT security concerns and document progress in the SNow AR Ticket system.

• Bachelor's Degree


• 5 years of experience with IT Audit, compliance or security protocols


• Soft & communication skills


• Security and Technology knowledge


• Oral and written proficiency in English required

• Certifications such as CISSP, CRISP, ISP, OWASP, ITIL preferred

• Understand the importance of have a correct information management


• Knowledge of Information Security and Data Protection


• Correct Information Security Management

All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer.

Not Specified

Location: Tortuguitas, Buenos Aires Province, Argentina

DLA Pharma is a Septodont Group company, a world leader in the manufacture of injectable anesthetics for dentistry. Located in the city of Catanduva (SP), it is one of the largest dental anesthetic factories in Latin America.

The Septodont Group has been on the market for 90 years, able to meet the needs of the dental sector with products for pain control, endodontics, restorative dentistry, infection control and much more. It employs more than 1900 people and has six production units in various parts of the world, two in Brazil, two in France, one in North America and one in India, as well as an international distribution network dedicated to meeting the needs of dental professionals in more than 150 countries.

The IT Security Engineer is enthusiastic about cybersecurity, understanding the business ecosystem, and committed to implementing robust security measures and technologies. They actively engage in protecting the organization’s information assets and critical data from cyber attacks and risks, ensuring the security and integrity of digital projects, initiatives and processes.

The IT Security Engineer is responsible for implementing, managing, and monitoring security measures to protect the organization’s information systems and networks. This role involves hands-on technical work to ensure the security systems are effective and up-to-date, responding to security incidents, and maintaining the overall security posture of the organization.

Design and Implementation Activities
· Develops, implements and maintains security solutions that enable the enterprise to protect its information assets and capabilities, ensuring alignment with business, technology, and threat drivers.
· Develops and executes security plans based on established security practices and frameworks.
· Creates and updates security documentation (e.g., configurations, procedures, standards) to leverage security capabilities in projects and operations.
· Collaborates with IT Infrastructure & Operations to establish and maintain baseline security configuration standards for operating systems (e.g., OS hardening), applications, networking, identity and access management (IAM), mobile devices, cloud environments, AI/ML services and cybersecurity platforms.
· Drafts and implements security procedures and standards, ensuring they are reviewed and approved by IT management.
· Monitors developments and changes in the digital business and threat environments to ensure they are adequately addressed in security plans and the implementation of security controls.
· Validates IT and OT infrastructure for security best practices and recommends changes to enhance security and reduce risks where applicable.
· Assesses security configurations and access to security infrastructure tools, including firewalls, SASE platform, Email Security Gateways, XDR, MDR, SIEM, and cloud environments.
· Conducts or facilitates threat modeling of services and applications to identify and mitigate risks associated with the service or application.
· Supports the development and implementation of IT security controls to protect the organization’s information assets.
· Reviews security technologies, tools and services, and makes recommendations to the broader IT team for their use, based on risk and operational metrics.

Collaboration
· Works with business teams to conduct security assessments of existing and prospective vendors and services, including:
o Information systems used to process critical and strategic business data.
o Web applications.
o Cloud solution providers (IaaS, PaaS, SaaS).
o Business process outsourcing (BPOs).
o Managed service providers (MSPs).
· Partners with IT Infrastructure & Operations (I&O) to ensure security by design in infrastructure and applications, collaborating on maintaining security platforms, applications, and controls.
· Evaluates statements of work (SOWs) for vendors and service providers to ensure that adequate security protections and controls are in place.
· Collaborates with other IT members to share best practices and insights, fostering a culture of continuous improvement in cybersecurity.
· Participates in application, operations and infrastructure projects to provide security by design advice.

Business-Related Skills
The IT Security Engineer should share insights with the IT team and other business units. Key skills include:

Technical planning: Interpret business, technology, and threat drivers to develop security solutions.
Communication: Translate complex security issues into business terms for colleagues, presenting analyses in person and in writing. Full professional proficiency in English is required.
Financial analysis: Evaluate security technologies, assess financial costs, quantify purchasing and licensing options, estimate labor costs, and calculate total cost of ownership (TCO), Return on Investment (ROI), or payback period.
Project management: Draft project plans and coordinate with stakeholders for security services and technology implementations.

Technical-Related Skills:
o Hands-on experience managing security infrastructure: firewalls, intrusion prevention systems (IPSs), endpoint and extended detection and response (EDR/XDR), Security Information and Event Management (SIEM), and log management technologies.
o Hands-on experience with vulnerability management processes and tools.
o Experience with threat modeling methodologies to identify and mitigate risks in new applications and services.
o Experience implementing and managing security in public cloud services, primarily Microsoft Azure.
Full-Stack IT Infrastructure Knowledge:
o Applications: Understanding of application security principles and practices.
o Databases: Knowledge of database security.
o Operating Systems: Proficiency in Windows server and workstation versions (mandatory) and Linux (desirable).
o Hypervisors: Experience in securing virtualization technologies.
o Networks: Knowledge of WAN, LAN, SASE security practices.
o Backup Solutions: Experience with backup solutions, especially Veeam.
Identity and Access Management (IAM):
o Experience with Windows Active Directory and Azure Entra ID.
o Knowledge of Privileged Access Management (PAM) and Privileged Identity Management (PIM) solutions.
IT Service Management:
o Change Management: Understanding of processes to manage changes in IT services.
o Configuration Management: Knowledge of maintaining information about configuration items required to deliver IT services.
o Asset Management: Experience in managing IT assets to ensure they are secure.
o Incident Management: Skills in managing and resolving incidents to restore normal service operation.
o Problem Management: Ability to identify and manage the root causes of incidents.
Knowledge of Cybersecurity Frameworks: Familiarity with frameworks like NIST Cybersecurity Framework (CSF) and ISO 27001.
Collaboration Tools: Knowledgeable in Microsoft 365 collaboration tools.
Cybersecurity certifications are considered a plus:
- ISACA CISM.
- ISC2 CISSP.
- Microsoft Cybersecurity Architect Expert - SC100.

DLA Pharma is a Septodont Group company, a world leader in the manufacture of injectable anesthetics for dentistry. Located in the city of Catanduva (SP), it is one of the largest dental anesthetic factories in Latin America.

The Septodont Group has been on the market for 90 years, able to meet the needs of the dental sector with products for pain control, endodontics, restorative dentistry, infection control and much more. It employs more than 1900 people and has six production units in various parts of the world, two in Brazil, two in France, one in North America and one in India, as well as an international distribution network dedicated to meeting the needs of dental professionals in more than 150 countries.

The IT Security Engineer is enthusiastic about cybersecurity, understanding the business ecosystem, and committed to implementing robust security measures and technologies. They actively engage in protecting the organization’s information assets and critical data from cyber attacks and risks, ensuring the security and integrity of digital projects, initiatives and processes.

The IT Securty Engineer is responsible for implementing, managing, and monitoring security measures to protect the organization’s information systems and networks. This role involves hands-on technical work to ensure the security systems are effective and up-to-date, responding to security incidents, and maintaining the overall security posture of the organization.

Design and Implementation Activities
· Develops, implements and maintains security solutions that enable the enterprise to protect its information assets and capabilities, ensuring alignment with business, technology, and threat drivers.
· Develops and executes security plans based on established security practices and frameworks.
· Creates and updates security documentation (e.g., configurations, procedures, standards) to leverage security capabilities in projects and operations.
· Collaborates with IT Infrastructure & Operations to establish and maintain baseline security configuration standards for operating systems (e.g., OS hardening), applications, networking, identity and access management (IAM), mobile devices, cloud environments, AI/ML services and cybersecurity platforms.
· Drafts and implements security procedures and standards, ensuring they are reviewed and approved by IT management.
· Monitors developments and changes in the digital business and threat environments to ensure they are adequately addressed in security plans and the implementation of security controls.
· Validates IT and OT infrastructure for security best practices and recommends changes to enhance security and reduce risks where applicable.
· Assesses security configurations and access to security infrastructure tools, including firewalls, SASE platform, Email Security Gateways, XDR, MDR, SIEM, and cloud environments.
· Conducts or facilitates threat modeling of services and applications to identify and mitigate risks associated with the service or application.
· Supports the development and implementation of IT security controls to protect the organization’s information assets.
· Reviews security technologies, tools and services, and makes recommendations to the broader IT team for their use, based on risk and operational metrics.

Collaboration
· Works with business teams to conduct security assessments of existing and prospective vendors and services, including:
o Information systems used to process critical and strategic business data.
o Web applications.
o Cloud solution providers (IaaS, PaaS, SaaS).
o Business process outsourcing (BPOs).
o Managed service providers (MSPs).
· Partners with IT Infrastructure & Operations (I&O) to ensure security by design in infrastructure and applications, collaborating on maintaining security platforms, applications, and controls.
· Evaluates statements of work (SOWs) for vendors and service providers to ensure that adequate security protections and controls are in place.
· Collaborates with other IT members to share best practices and insights, fostering a culture of continuous improvement in cybersecurity.
· Participates in application, operations and infrastructure projects to provide security by design advice.

Business-Related Skills

The IT Security Engineer should share insights with the IT team and other business units. Key skills include:

Technical planning: Interpret business, technology, and threat drivers to develop security solutions.
Communication: Translate complex security issues into business terms for colleagues, presenting analyses in person and in writing. Full professional proficiency in English is required.
Financial analysis: Evaluate security technologies, assess financial costs, quantify purchasing and licensing options, estimate labor costs, and calculate total cost of ownership (TCO), Return on Investment (ROI), or payback period.
Project management: Draft project plans and coordinate with stakeholders for security services and technology implementations.

Technical-Related Skills:

o Hands-on experience managing security infrastructure: firewalls, intrusion prevention systems (IPSs), endpoint and extended detection and response (EDR/XDR), Security Information and Event Management (SIEM), and log management technologies.

o Hands-on experience with vulnerability management processes and tools.

o Experience with threat modeling methodologiesto identify and mitigate risks in new applications and services.

o Experience implementing and managing security in public cloud services, primarily Microsoft Azure.

Full-Stack IT Infrastructure Knowledge:

o Applications: Understanding of application security principles and practices.

o Databases: Knowledge of database security.

o Operating Systems: Proficiency in Windows server and workstation versions (mandatory) and Linux (desirable).

o Hypervisors: Experience in securing virtualization technologies.

o Networks: Knowledge of WAN, LAN, SASE security practices.

o Backup Solutions: Experience with backup solutions, especially Veeam.

Identity and Access Management (IAM):

o Experience with Windows Active Directory and Azure Entra ID.

o Knowledge of Privileged Access Management (PAM) and Privileged Identity Management (PIM) solutions.

IT Service Management:

o Change Management: Understanding of processes to manage changes in IT services.

o Configuration Management: Knowledge of maintaining information about configuration items required to deliver IT services.

o Asset Management: Experience in managing IT assets to ensure they are secure.

o Incident Management: Skills in managing and resolving incidents to restore normal service operation.

o Problem Management: Ability to identify and manage the root causes of incidents.

Knowledge of Cybersecurity Frameworks: Familiarity with frameworks like NIST Cybersecurity Framework (CSF) and ISO 27001.

Collaboration Tools: Knowledgeable in Microsoft 365 collaboration tools.

Cybersecurity certifications are considered a plus:

- ISACA CISM.

- ISC2 CISSP.

- Microsoft Cybersecurity Architect Expert - SC100.