2.001 Empregos para Cissp - Brasil
Auditor Com Certificação CISA, CISSP Ou CISM
Hoje
Trabalho visualizado
Descrição Do Trabalho
ATRIBUIÇÕES: Atribuições: Auditorias em Autoridades Certificadoras – AC, aspectos técnicos e normativos da ICP-Brasil Confeccionar o plano de trabalho, realizar as validações documentais, técnicas e de processos, elaborar papeis de trabalho e respectivos relatórios de auditoria. REQUISITOS: Requisitos: Profissional com conhecimento na área de segurança da informação: escolaridade superior em tecnologia da informação ou áreas afins; Possuir uma das seguintes certificações internacionais – CISA, CISSP ou CISM; Ter disponibilidade para viagens em território nacional. ESCOLARIDADE: Ensino Médio JORNADA: Jornada de Trabalho: Turno integral. BENEFÍCIOS: Salário a combinar. Benefícios: Vale transporte; Vale refeição. Vaga aberta e verificada pelo portal Buscar Vagas em parceria com o site Divulga Vagas Brasil.
Ensino Médio
Information Security Engineer
Hoje
Trabalho visualizado
Descrição Do Trabalho
About The Team/Role
We are the WEX Identity Protection Team, tasked with deploying and managing security IAM technologies and procedures across the enterprise. We work closely with internal teams and clients to ensure the company functions securely. Our team maintains a high standard and collaborates closely to foster robust, dependable, and efficient relationships. We take ownership of our outcomes and take pride in our workmanship.
Changing the world isn't easy, and we have much work ahead. From securing applications, data centers and cloud resources, we've got more work than we can handle and we're looking for great people to come along for the ride. We are looking for an application security engineer who is responsible for ensuring the secure function of software security and familiarity with multiple general security practices and toolsets
*How you'll make an impact *
- A highly motivated senior security engineer who loves working in and with high-performing team that interface with the entire enterprise
- A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion
- Someone who cares deeply for team results but can work independently to deliver high-quality solutions for projects and operational tasks
- Comfortable balancing the need to move fast with the realities of working in a highly regulated organization
- Someone who thrives in situations where details and accuracy are vital
- A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who can complete tasks and deliverables with minimal oversight
- Work closely with Enterprise IT teams on securing access to WEX's infrastructure and applications
- Able to mentor other engineers both technically and professional
- Have exceptional knowledge of commonly used Identity tools/platforms.
- Configure, troubleshoot and maintain identity access platforms and infrastructure
- Install/implement and configure security applications that monitor systems & infrastructures
- Have IT experience and knowledge of operating systems and their access controls
- Monitor systems for irregular behavior and set up preventive measures
- Plan, develop, implement and update the company's information security strategy
- Handle security business-critical tasks and security systems administration
- Install, configure, update and troubleshoot our global security tools and services
- Identify, define and document system security requirements and recommend solutions to management
- Develop, execute and track the performance of security measures to protect the information, servers, and computer systems
- Write comprehensive guides, standards and reports including assessment-based findings, outcomes, and recommendations for security enhancements
- Have a diverse background in IT, security, and supporting processes
*Experience you'll bring *
- Are able to communicate effectively in both written and spoken English
- Have hands-on administrative and development experience with Identity Access platforms including installation, configuration, and administration.
- Experience working with Sailpoint
- Have a strong understanding of Identity Access Management, including governance, lifecycle and compliance.
- Have experience with scripting and automation using languages such as Java.
- Are familiar with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS).
- Have excellent analytical, problem-solving, and communication skills.
- Have a strong, practical understanding of modern IT infrastructure, networking, and security engineering concepts
- Can troubleshoot information security issues within a complex environment
- Experience in engineering and implementing solutions that meet security, compliance, and business needs
- Can commit and deliver on defined project/delivery timelines with minimal supervision
- Can work in an on-call rotation which may include some night and weekend shifts
- Relevant certifications for Sailpoint Certified Engineer.
- Experience working with Java/Beanshell languages
- Experience working with Linux OS
- Basic Network security knowledge
- Experience working with OKTA, Auth0
- Experience working with Delinea PAM, CrowdStrike Identity Protection, IT Access using Artificial intelligence.
Information Security Engineer
Publicado há 16 dias atrás
Trabalho visualizado
Descrição Do Trabalho
4 days ago Be among the first 25 applicants
Array Technologies, Inc. is a global leader in solar energy solutions – and we have been for over 30 years! Our dramatic growth is creating incredible opportunities on our dynamic, innovative and
creative team. Are you self-motivated, highly-skilled and possess previous Cyber Security / Information Security experience?
Would you love to play a key role in advancing the clean energy revolution? Join the company that is leading the way!
What you’ll do:
The engineer will be a key member in maturing the IT and OT Security organization. They will be part of a global security team that provides support for all areas of Information Security. A successful candidate will have experience with and/or strong interest in becoming a subject matter expert in multiple Security disciplines. These include Zero Trust Architecture, Application and Cloud Security, IAM and/or Data Protection/DLP. Additionally, the engineer will be a point of escalation for investigating and remediating potential threats. The engineer will continuously be apprised of emerging technologies, threats, attacks, and countermeasures and recommend enhancements based on industry best practices. You will:
- Design, document, test, maintain, and provide issue resolution recommendations for security solutions related to Zero Trust tools, secure software development, cloud, access, authentication/directory services, email, and/or endpoint security.
- Work with various departments to design, implementation, and maintain IAM policy.
- Contribute to the development and maintenance of Zero Trust Architecture and SASE tools.
- Partner with Dev teams to define, execute, and continuously improve our secure software development processes.
- Partner with IT and Product teams to assess, document and develop Cloud Security best practices.
- Participates in security incident response activities, conducts technical investigation of security-related incidents and conducts post-incident digital forensics to identify causes and recommend future mitigation strategies.
- Identifies security vulnerabilities/issues, performs risk assessments, and evaluates remediation alternatives.
- Contributes to the development and maintenance of information security architecture.
- Collaborates with other IT teams such as infrastructure and application development in the protection of the company’s IT assets including network, servers, applications, and 3rd party service providers.
- Contributes to the development of ongoing information security policies and procedures, and ensures such policies and procedures are put into practice in the day-to-day operations of the company’s technology environment.
The qualifications you must have:
- Some Experience with IAM, SASE, SSDLC, SIEM/SOAR, EDR, EPP
- Knowledge of Cybersecurity architectures and methodologies (OWASP, Github Advanced Security, Azure DevOps, Zero Trust, NIST, Defense in depth, Kill-Chain, etc.)
- Knowledge of Secure Cloud Architecture, Vulnerability Management, and Incident Response
- Familiar with Data Loss Prevention (DLP), Data Protection, and Disaster Recovery
- Familiar with network/security (IDS/IPS, firewalls, DNS, DHCP)
- Technical knowledge of Microsoft and Linux
Our preferred qualifications:
- Cyber Security certifications.
- 5-10 years of IT industry experience with 3-5 years of those in a role directly related to information security and IT compliance disciplines such as app security, cloud security, IAM, DLP, SASE, etc.
- Strong subject matter expertise in one or more of technical disciplines such as IT infrastructure, applications development and/or information security.
- Familiarity with information security disciplines such as privacy protection and data loss prevention.
- Strong experience in managing cybersecurity incidents and event response.
- Awareness of industry standards such as ISO, NIST as they relate to information security and protection of privacy.
- Experience with NERC-CIP standard and polices a plus.
- Experienced in executing privacy compliance initiatives in response to global privacy regulations such as GDPR and LGPD would be an asset.
- Knowledge of national and international regulatory compliances and frameworks such as ISO, NIST, and SOX.
Array Technologies, Inc. offers equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability (physical or mental), marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status.
Seniority level- Seniority level Associate
- Employment type Full-time
- Job function Engineering and Information Technology
- Industries Renewable Energy Equipment Manufacturing
Referrals increase your chances of interviewing at Array Technologies by 2x
Cyber Security Analyst Junior (SOC) - Campinas/SPWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrSenior Information Security Engineer
Hoje
Trabalho visualizado
Descrição Do Trabalho
Company Description
Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.
By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.
From prototype to real-world impact - be part of a global shift by doing work that matters.
Job Description
We are seeking a Senior Cybersecurity Specialist with deep expertise in Privileged Access Management (PAM) to join our dynamic security team. The ideal candidate will possess strong experience with CyberArk (or similar PAM platforms), and be skilled in problem-solving, critical thinking, and cross-functional collaboration in a global enterprise. A high level of English proficiency is essential for success in this role.
Key Responsibilities:
- Lead the design, implementation, and lifecycle management of Privileged Access Management solutions, with a strong focus on CyberArk.
- Enforce PAM policies, develop secure access practices, and perform risk assessments on privileged access.
- Integrate PAM solutions with enterprise systems including Identity and Access Management tools such as Okta.
- Manage and respond to security incidents involving privileged users or accounts.
- Collaborate with infrastructure, DevOps, and application teams to ensure secure integration of PAM solutions.
- Work with IT Service Management platforms (especially ServiceNow) to manage change management and approvals.
- Document procedures, playbooks, and system configurations aligned with best practices.
- Use tools such as Jira for tracking, planning, and project execution.
- Operate effectively using modern collaboration tools like Webex, Slack, and other enterprise communication platforms.
- Follow ITIL best practices in service delivery and incident/change/problem management processes.
- Participate in audits and ensure compliance with internal policies and external regulatory requirements.
Qualifications
Qualifications:
Must-Have:
- 5+ years of cybersecurity experience, with at least 3 years focused on Privileged Access Management.
- Proven hands-on expertise with CyberArk or equivalent PAM tools.
- Strong knowledge of Identity and Access Management (IAM), especially using Okta.
- Experience with ITIL-based service management, particularly change management processes in ServiceNow.
- Familiarity with Jira, ticketing systems, and project workflow tools.
- Proficiency in modern collaboration platforms:
Webex, Slack, Teams, and others.
- Advanced written and spoken English communication skills.
- Excellent problem-solving and critical thinking capabilities.
- Strong knowledge of Active Directory, LDAP, and integration with various enterprise systems.
Nice to have:
- CyberArk certifications (e.g., Defender, Sentry).
- Experience with scripting languages (PowerShell, Python).
- Familiarity with security frameworks (e.g., NIST, ISO
- Experience in cloud platforms (AWS, Azure, GCP) and managing privileged access in hybrid environments.
Additional Information
Additional Information
Discover some of the global benefits that empower our people to become the best version of themselves:
- Finance:
Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
- Career Development:
Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
- Learning Opportunities:
Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
- Work-Life Balance:
Hybrid work and flexible working hours, employee assistance programme;
- Health:
Global internal wellbeing programme, access to wellbeing apps;
- Community:
Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.
At Endava, we're committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.
Senior Information Security Engineer
Hoje
Trabalho visualizado
Descrição Do Trabalho
Company Description
Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.
By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.
From prototype to real-world impact - be part of a global shift by doing work that matters.
Job Description
We are seeking a Senior Cybersecurity Specialist with deep expertise in Privileged Access Management (PAM) to join our dynamic security team. The ideal candidate will possess strong experience with CyberArk (or similar PAM platforms), and be skilled in problem-solving, critical thinking, and cross-functional collaboration in a global enterprise. A high level of English proficiency is essential for success in this role.
Key Responsibilities:
- Lead the design, implementation, and lifecycle management of Privileged Access Management solutions, with a strong focus on CyberArk.
- Enforce PAM policies, develop secure access practices, and perform risk assessments on privileged access.
- Integrate PAM solutions with enterprise systems including Identity and Access Management tools such as Okta.
- Manage and respond to security incidents involving privileged users or accounts.
- Collaborate with infrastructure, DevOps, and application teams to ensure secure integration of PAM solutions.
- Work with IT Service Management platforms (especially ServiceNow) to manage change management and approvals.
- Document procedures, playbooks, and system configurations aligned with best practices.
- Use tools such as Jira for tracking, planning, and project execution.
- Operate effectively using modern collaboration tools like Webex, Slack, and other enterprise communication platforms.
- Follow ITIL best practices in service delivery and incident/change/problem management processes.
- Participate in audits and ensure compliance with internal policies and external regulatory requirements.
Qualifications
Qualifications:
Must-Have:
- 5+ years of cybersecurity experience, with at least 3 years focused on Privileged Access Management.
- Proven hands-on expertise with CyberArk or equivalent PAM tools.
- Strong knowledge of Identity and Access Management (IAM), especially using Okta.
- Experience with ITIL-based service management, particularly change management processes in ServiceNow.
- Familiarity with Jira, ticketing systems, and project workflow tools.
- Proficiency in modern collaboration platforms: Webex, Slack, Teams, and others.
- Advanced written and spoken English communication skills.
- Excellent problem-solving and critical thinking capabilities.
- Strong knowledge of Active Directory, LDAP, and integration with various enterprise systems.
Nice to have:
- CyberArk certifications (e.g., Defender, Sentry).
- Experience with scripting languages (PowerShell, Python).
- Familiarity with security frameworks (e.g., NIST, ISO
- Experience in cloud platforms (AWS, Azure, GCP) and managing privileged access in hybrid environments.
Additional Information
Additional information
Discover some of the global benefits that empower our people to become the best version of themselves:
- Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
- Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
- Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
- Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
- Health: Global internal wellbeing programme, access to wellbeing apps;
- Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.
At Endava, we're committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.
Security Engineer
Hoje
Trabalho visualizado
Descrição Do Trabalho
About CloudWalk:
We are not just another fintech unicorn. We are a pack of dreamers, makers, and tech enthusiasts building the future of payments. With millions of happy customers and a hunger for innovation, we're now expanding our neural network - literally and metaphorically.
This is not a traditional pentesting role. At CloudWalk, you'll go beyond running scans or writing reports. You'll break into systems, exploit real weaknesses, and then engineer automations and agents to make sure those classes of vulnerabilities never come back. Your work will directly shape how CloudWalk defends itself at scale, turning offensive security knowledge into defensive engineering.
You'll be part of a team that blends red teaming, mobile/web pentesting, and security automation. If you enjoy moving fast, exploiting hard problems, and coding the solutions, this role is for you.
What You'll Do
- Become a Vulnerability Slayer: Support our efforts in making repetitive vulnerability scanning and remediation a thing of the past. You will help manage and improve automated workflows to identify and address vulnerabilities. You will also manually pentest our applications and systems to identify and mitigate potential issues.
- Automate the Grind: Build and improve security automations and agents that reduce repetitive scanning and streamline remediation across our environment.
- Champion Security by Design: Collaborate with our security and engineering teams to understand their needs and help translate them into effective security automations.
- Code with Security in Mind: Participate in code reviews to learn how to identify potential security vulnerabilities and recommend secure coding practices to developers.
- Innovate with LLMs: Experiment with LLMs and agent-driven frameworks to create new ways of detecting, classifying, and mitigating vulnerabilities in real time.
What We're Looking For
- Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding best practices.
- Experience with mobile pentesting (Android/iOS), including relevant tooling and methodology.
- Hands-on experience with security automation (Python, Go, or similar).
- Bonus: Experience leveraging LLMs/agents for security tasks.
- Proficiency in at least one scripting language (Python, Go, or similar).
- Familiarity with cloud security principles (AWS, GCP, or Azure).
- Understanding of CI/CD pipelines and how to embed security checks into them.
- Excellent communication and collaboration skills to work effectively with engineering teams.
Join us at CloudWalk, where we're not just engineering solutions; we're building a smarter, AI-driven future for payments—together.
By applying for this position, your data will be processed as per CloudWalk's Privacy Policy that you can read here in Portuguese and here in English.
Security Engineer
Hoje
Trabalho visualizado
Descrição Do Trabalho
Nosso propósito é criar tecnologias que desafiam as melhores do mundo e mudam o jogo para nossos clientes. Por isso, buscamos profissionais que desejam fazer parte de uma cultura pautada pela excelência e inovação. Se você se identifica com um ambiente de trabalho colaborativo e movido por curiosidade, venha construir o futuro da tecnologia conosco.
O que você fará por aqui
- Implementar e manter controles de segurança em Cloud, alinhados ao AWS Well-Architected Framework e boas práticas (CIS, NIST).
- Desenvolver pipelines de automação para aplicar e monitorar políticas de segurança no ambiente.
- Criar e evoluir automações utilizando Infrastructure as Code.
- Apoiar a configuração de controles nativos da AWS.
- Monitorar, analisar e responder aos alertas relacionados a compliance e segurança em Cloud.
O que esperamos que você saiba
- Experiência com implementação de controles de segurança em Cloud.
- Conhecimento em ferramentas de automação como CodePipeline e GitHub Actions.
- Experiência em desenvolvimento de automações utilizando Terraform, AWS CDK ou CloudFormation.
- Familiaridade com controles nativos da AWS, tais como IAM, SCP, KMS, Config, GuardDuty, Security Hub, WAF, entre outros.
- Habilidades em monitoramento, análise e resposta a alertas de segurança e compliance em Cloud.
O que seria muito legal e você soubesse
- Experiência em Infraestrutura Cloud, especialmente AWS.
- Conhecimento avançado em ferramentas de automação e segurança em Cloud.
- Capacidade de colaboração em equipe e resolução de problemas.
- Habilidades analíticas e críticas para lidar com desafios de segurança em Cloud.
- Excelentes habilidades de comunicação e trabalho em equipe.
O que te oferecemos
Atuamos em um modelo de trabalho remoto por padrão, priorizando a sua liberdade e responsabilidade. Além disso, proporcionamos:
Carreira
- Liberdade para trabalhar de onde quiser
- Horários flexíveis
- Auxílio Educação
- Ferramenta própria de desenvolvimento de carreira
- Guildas internas e grupos de estudo e interesse
Saúde e bem-estar
- Plano de saúde
- Plano odontológico
- Parceria na compra de medicamentos
- Telemedicina disponível 24x7
- Terapia online gratuita
- Wellhub
- Licença maternidade estendida
- Licença paternidade estendida
- CAZ – Central de Atendimento a zuppers
Conforto financeiro
- Vale-refeição e alimentação
- Seguro de vida
- Vale-transporte
- Auxílio home office
- Auxílio Creche
- Auxílio plano telefônico
- Participação em Lucros e Resultados
Seja o primeiro a saber
Sobre o mais recente Cissp Empregos em Brasil !
Security Engineer
Hoje
Trabalho visualizado
Descrição Do Trabalho
About CloudWalk:
We are not just another fintech unicorn. We are a pack of dreamers, makers, and tech enthusiasts building the future of payments. With millions of happy customers and a hunger for innovation, we're now expanding our neural network - literally and metaphorically.
Are you passionate about security and eager to build a career in automation and problem solving? Do you want to strengthen defenses by building reliable pipelines and tooling? If so, we invite you to start your journey with our team as a Security Engineer focused on security automation
In this role, you will be a key contributor to our security automation strategy. Under the guidance of senior engineers, you will help design, develop, and maintain automations that streamline vulnerability management, log ingestion, enrichment, and alerting, empowering the team to work faster and smarter.
What You'll Do
- Automate Workflows: Build and maintain automated workflows for blue-team operations, from data ingestion and normalization to correlation, alerting, and reporting, using scripts, services, and containerized pipelines.
- System Hardening: Codify and automate hardening guidelines and best practices across operating systems, applications, and cloud platforms, ensuring repeatable, auditable baselines.
- Collaborate Across Teams: Partner with security, engineering, and IT to integrate data sources and APIs, automate evidence collection for investigations and control verification, and ensure secure-by-default configurations aligned with internal security standards.
- WAF Management: Define, automate, and monitor WAF rules as code to protect applications against web attacks, including safe rollout, testing, and telemetry for performance and compliance.
What We're Looking For
- Strong desire to learn and demonstrate skill in at least one scripting language (Python, TypeScript, or similar) to build production-ready automations and integrations.
- Analytical problem-solving skills and attention to detail for debugging, tuning alerts, and measuring coverage.
- Effective communication and ability to work as part of a collaborative team.
- Familiarity with EDR platforms (e.g, CrowdStrike, Defender ATP)
- Basic understanding of SIEM concepts (log ingestion, parsing, alerting, dashboards, correlation rules) with pipeline reliability.
Join us at CloudWalk, where we're not just engineering solutions; we're building a smarter, AI-driven future for payments—together.
By applying for this position, your data will be processed as per CloudWalk's Privacy Policy that you can read here in Portuguese and here in English.
Security Engineer
Publicado há 4 dias atrás
Trabalho visualizado
Descrição Do Trabalho
Alice Na Alice, nossa missão é tornar o mundo mais saudável. Somos uma empresa de tecnologia que oferece planos de saúde empresariais. Nossa plataforma de cuidado contínuo garante que cada membro receba o cuidado certo, na hora certa e no lugar certo, proporcionando uma experiência excepcional. Impulsionada por AI, nossa jornada de saúde é simples de acessar, envolvente e altamente confiável. Já cuidamos de mais de 65 mil membros, com nível de satisfação de 4,8/5 (CSat), seja no atendimento 24 horas pelo app (Alice Agora), seja nas consultas com nossos médicos especialistas. Isso é saúde como deve ser.
Temos orgulho da nossa cultura e do nosso time, que trabalha com paixão pelo propósito e protagonismo para transformar o setor de saúde.
Se você se identificou, venha tornar o mundo mais saudável com a gente!
Sobre a posiçãoComo Security Engineer com foco em IAM e Governança, você fará parte de um time fundamental para garantir que nossas práticas de segurança da informação evoluam de forma escalável, segura e orientada por boas práticas. Você será responsável por projetar, implementar e manter os processos e ferramentas que garantem a correta gestão de identidades, acessos e privilégios dentro da Alice, contribuindo diretamente para a segurança da plataforma e proteção de dados dos nossos Membros.
Essa posição é estratégica e tem impacto direto em áreas como confiabilidade, governança, auditoria e conformidade — garantindo que cada acesso seja o mínimo necessário, cada decisão seja documentada e cada aplicação, devidamente controlada.
Essa posição é estratégica e tem impacto direto em áreas como confiabilidade, governança, auditoria e conformidade — garantindo que cada acesso seja o mínimo necessário, cada decisão seja documentada e cada aplicação, devidamente controlada.
No seu dia a dia, você vai
- Implementar e evoluir processos e ferramentas de Identity & Access Management (IAM) e Privileged Access Management (PAM);
- Ser responsável pela gestão de grupos de acesso, revogação automatizada de permissões e controle de ciclo de vida de acessos;
- Trabalhar em parceria com Engenharia, GRC (Governance, Risk and Compliance), Produto e RH para garantir provisionamento e desprovisionamento seguros e auditáveis;
- Liderar a implementação e manutenção de trilhas de auditoria, garantindo rastreabilidade de decisões e compliance com normas como LGPD e SOC 2;
- Atuar na definição de papéis de acesso, ajudando a desenhar perfis com base no princípio do menor privilégio;
- Colaborar com times de SRE/Cloud, Data Engineering e Plataforma para automatizar processos e manter o ambiente seguro sem comprometer a experiência dos usuários;
- Participar na seleção e operação de ferramentas como SIEM, PAM, IDP (Jump Cloud), Zero Trust, etc
- Construir e documentar boas práticas de segurança, e ajudar a disseminá-las pela organização.
- Mais de 5 anos de experiência prévia em segurança
- Independência e proatividade para definir os investimentos em segurança com maior retorno
- Experiência prévia com IAM, PAM, DevSecOps ou Segurança da Informação;
- Histórico com ferramentas de automação de acessos e gestão de identidades;
- Conhecimento de normas e boas práticas como SOC 2 e LGPD;
- Capacidade de liderar projetos de segurança de ponta a ponta;
- Experiência colaborando com áreas como Engenharia, Produto, Service Desk e RH;
- Familiaridade com ambientes em nuvem (AWS, GCP) e integrações com ferramentas de CI/CD;
- Forte capacidade de organização, rastreabilidade e atenção aos detalhes;
- Atitudes que sejam aderentes às nossas virtudes. Veja aqui com detalhe: Blog Alice.
Fazer parte da equipe de Engenharia da Alice significa ter a responsabilidade e a oportunidade de fazer parte de um time colaborativo e que busca excelência técnica, sem perder de vista o real objetivo de cada linha que escrevemos: Tornar o mundo mais saudável!
Significa também trabalhar em estreita colaboração com áreas de negócio e produto, com muitas iniciativas já amadurecidas e outras tantas ainda para construir do zero.
Além disso, você vai influenciar diretamente a cultura de engenharia e segurança. Acreditamos que cada pessoa traz aprendizados e experiências únicas, que nos ajudam a evoluir todos os dias.
Temos foco em qualidade, decisões diligentes, documentação clara e uma cultura orientada por impacto e consistência.
Na Alice, nossa missão é tornar o mundo mais saudável. Somos uma empresa de tecnologia que oferece planos de saúde empresariais. Nossa plataforma de cuidado contínuo garante que cada membro receba o cuidado certo, na hora certa e no lugar certo, proporcionando uma experiência excepcional. Impulsionada por AI, nossa jornada de saúde é simples de acessar, envolvente e altamente confiável. Já cuidamos de mais de 65 mil membros, com nível de satisfação de 4,8/5 (CSat), seja no atendimento 24 horas pelo app (Alice Agora), seja nas consultas com nossos médicos especialistas. Isso é saúde como deve ser. Temos orgulho da nossa cultura e do nosso time, que trabalha com paixão pelo propósito e protagonismo para transformar o setor de saúde. Se você se identificou, venha tornar o mundo mais saudável com a gente!
#J-18808-LjbffrSecurity Engineer
Publicado há 4 dias atrás
Trabalho visualizado
Descrição Do Trabalho
Alice Na Alice, nossa missão é tornar o mundo mais saudável. Somos uma empresa de tecnologia que oferece planos de saúde empresariais. Nossa plataforma de cuidado contínuo garante que cada membro receba o cuidado certo, na hora certa e no lugar certo, proporcionando uma experiência excepcional. Impulsionada por AI, nossa jornada de saúde é simples de acessar, envolvente e altamente confiável. Já cuidamos de mais de 65 mil membros, com nível de satisfação de 4,8/5 (CSat), seja no atendimento 24 horas pelo app (Alice Agora), seja nas consultas com nossos médicos especialistas. Isso é saúde como deve ser.
Temos orgulho da nossa cultura e do nosso time, que trabalha com paixão pelo propósito e protagonismo para transformar o setor de saúde.
Se você se identificou, venha tornar o mundo mais saudável com a gente!
Sobre a posiçãoComo Security Engineer com foco em IAM e Governança, você fará parte de um time fundamental para garantir que nossas práticas de segurança da informação evoluam de forma escalável, segura e orientada por boas práticas. Você será responsável por projetar, implementar e manter os processos e ferramentas que garantem a correta gestão de identidades, acessos e privilégios dentro da Alice, contribuindo diretamente para a segurança da plataforma e proteção de dados dos nossos Membros.
Essa posição é estratégica e tem impacto direto em áreas como confiabilidade, governança, auditoria e conformidade — garantindo que cada acesso seja o mínimo necessário, cada decisão seja documentada e cada aplicação, devidamente controlada.
Essa posição é estratégica e tem impacto direto em áreas como confiabilidade, governança, auditoria e conformidade — garantindo que cada acesso seja o mínimo necessário, cada decisão seja documentada e cada aplicação, devidamente controlada.
No seu dia a dia, você vai
- Implementar e evoluir processos e ferramentas de Identity & Access Management (IAM) e Privileged Access Management (PAM);
- Ser responsável pela gestão de grupos de acesso, revogação automatizada de permissões e controle de ciclo de vida de acessos;
- Trabalhar em parceria com Engenharia, GRC (Governance, Risk and Compliance), Produto e RH para garantir provisionamento e desprovisionamento seguros e auditáveis;
- Liderar a implementação e manutenção de trilhas de auditoria, garantindo rastreabilidade de decisões e compliance com normas como LGPD e SOC 2;
- Atuar na definição de papéis de acesso, ajudando a desenhar perfis com base no princípio do menor privilégio;
- Colaborar com times de SRE/Cloud, Data Engineering e Plataforma para automatizar processos e manter o ambiente seguro sem comprometer a experiência dos usuários;
- Participar na seleção e operação de ferramentas como SIEM, PAM, IDP (Jump Cloud), Zero Trust, etc
- Construir e documentar boas práticas de segurança, e ajudar a disseminá-las pela organização.
- Mais de 5 anos de experiência prévia em segurança
- Independência e proatividade para definir os investimentos em segurança com maior retorno
- Experiência prévia com IAM, PAM, DevSecOps ou Segurança da Informação;
- Histórico com ferramentas de automação de acessos e gestão de identidades;
- Conhecimento de normas e boas práticas como SOC 2 e LGPD;
- Capacidade de liderar projetos de segurança de ponta a ponta;
- Experiência colaborando com áreas como Engenharia, Produto, Service Desk e RH;
- Familiaridade com ambientes em nuvem (AWS, GCP) e integrações com ferramentas de CI/CD;
- Forte capacidade de organização, rastreabilidade e atenção aos detalhes;
- Atitudes que sejam aderentes às nossas virtudes. Veja aqui com detalhe: Blog Alice.
Fazer parte da equipe de Engenharia da Alice significa ter a responsabilidade e a oportunidade de fazer parte de um time colaborativo e que busca excelência técnica, sem perder de vista o real objetivo de cada linha que escrevemos: Tornar o mundo mais saudável!
Significa também trabalhar em estreita colaboração com áreas de negócio e produto, com muitas iniciativas já amadurecidas e outras tantas ainda para construir do zero.
Além disso, você vai influenciar diretamente a cultura de engenharia e segurança. Acreditamos que cada pessoa traz aprendizados e experiências únicas, que nos ajudam a evoluir todos os dias.
Temos foco em qualidade, decisões diligentes, documentação clara e uma cultura orientada por impacto e consistência.
Na Alice, nossa missão é tornar o mundo mais saudável. Somos uma empresa de tecnologia que oferece planos de saúde empresariais. Nossa plataforma de cuidado contínuo garante que cada membro receba o cuidado certo, na hora certa e no lugar certo, proporcionando uma experiência excepcional. Impulsionada por AI, nossa jornada de saúde é simples de acessar, envolvente e altamente confiável. Já cuidamos de mais de 65 mil membros, com nível de satisfação de 4,8/5 (CSat), seja no atendimento 24 horas pelo app (Alice Agora), seja nas consultas com nossos médicos especialistas. Isso é saúde como deve ser. Temos orgulho da nossa cultura e do nosso time, que trabalha com paixão pelo propósito e protagonismo para transformar o setor de saúde. Se você se identificou, venha tornar o mundo mais saudável com a gente!
#J-18808-Ljbffr