5.914 Empregos para Cissp - Brasil

Information Security Engineer

05999-899 São Paulo, São Paulo Array Technologies

Publicado há 14 dias atrás

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

4 days ago Be among the first 25 applicants

Array Technologies, Inc. is a global leader in solar energy solutions – and we have been for over 30 years! Our dramatic growth is creating incredible opportunities on our dynamic, innovative and

creative team. Are you self-motivated, highly-skilled and possess previous Cyber Security / Information Security experience?

Would you love to play a key role in advancing the clean energy revolution? Join the company that is leading the way!

What you’ll do:

The engineer will be a key member in maturing the IT and OT Security organization. They will be part of a global security team that provides support for all areas of Information Security. A successful candidate will have experience with and/or strong interest in becoming a subject matter expert in multiple Security disciplines. These include Zero Trust Architecture, Application and Cloud Security, IAM and/or Data Protection/DLP. Additionally, the engineer will be a point of escalation for investigating and remediating potential threats. The engineer will continuously be apprised of emerging technologies, threats, attacks, and countermeasures and recommend enhancements based on industry best practices. You will:

  • Design, document, test, maintain, and provide issue resolution recommendations for security solutions related to Zero Trust tools, secure software development, cloud, access, authentication/directory services, email, and/or endpoint security.
  • Work with various departments to design, implementation, and maintain IAM policy.
  • Contribute to the development and maintenance of Zero Trust Architecture and SASE tools.
  • Partner with Dev teams to define, execute, and continuously improve our secure software development processes.
  • Partner with IT and Product teams to assess, document and develop Cloud Security best practices.
  • Participates in security incident response activities, conducts technical investigation of security-related incidents and conducts post-incident digital forensics to identify causes and recommend future mitigation strategies.
  • Identifies security vulnerabilities/issues, performs risk assessments, and evaluates remediation alternatives.
  • Contributes to the development and maintenance of information security architecture.
  • Collaborates with other IT teams such as infrastructure and application development in the protection of the company’s IT assets including network, servers, applications, and 3rd party service providers.
  • Contributes to the development of ongoing information security policies and procedures, and ensures such policies and procedures are put into practice in the day-to-day operations of the company’s technology environment.

The qualifications you must have:

  • Some Experience with IAM, SASE, SSDLC, SIEM/SOAR, EDR, EPP
  • Knowledge of Cybersecurity architectures and methodologies (OWASP, Github Advanced Security, Azure DevOps, Zero Trust, NIST, Defense in depth, Kill-Chain, etc.)
  • Knowledge of Secure Cloud Architecture, Vulnerability Management, and Incident Response
  • Familiar with Data Loss Prevention (DLP), Data Protection, and Disaster Recovery
  • Familiar with network/security (IDS/IPS, firewalls, DNS, DHCP)
  • Technical knowledge of Microsoft and Linux

Our preferred qualifications:

  • Cyber Security certifications.
  • 5-10 years of IT industry experience with 3-5 years of those in a role directly related to information security and IT compliance disciplines such as app security, cloud security, IAM, DLP, SASE, etc.
  • Strong subject matter expertise in one or more of technical disciplines such as IT infrastructure, applications development and/or information security.
  • Familiarity with information security disciplines such as privacy protection and data loss prevention.
  • Strong experience in managing cybersecurity incidents and event response.
  • Awareness of industry standards such as ISO, NIST as they relate to information security and protection of privacy.
  • Experience with NERC-CIP standard and polices a plus.
  • Experienced in executing privacy compliance initiatives in response to global privacy regulations such as GDPR and LGPD would be an asset.
  • Knowledge of national and international regulatory compliances and frameworks such as ISO, NIST, and SOX.

Array Technologies, Inc. offers equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability (physical or mental), marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status.

Seniority level
  • Seniority level Associate
Employment type
  • Employment type Full-time
Job function
  • Job function Engineering and Information Technology
  • Industries Renewable Energy Equipment Manufacturing

Referrals increase your chances of interviewing at Array Technologies by 2x

Cyber Security Analyst Junior (SOC) - Campinas/SP

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região

Information Security Engineer

R$80000 - R$160000 Y WEX

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

About The Team/Role
We are the WEX Identity Protection Team, tasked with deploying and managing security IAM technologies and procedures across the enterprise. We work closely with internal teams and clients to ensure the company functions securely. Our team maintains a high standard and collaborates closely to foster robust, dependable, and efficient relationships. We take ownership of our outcomes and take pride in our workmanship.

Changing the world isn't easy, and we have much work ahead. From securing applications, data centers and cloud resources, we've got more work than we can handle and we're looking for great people to come along for the ride. We are looking for an application security engineer who is responsible for ensuring the secure function of software security and familiarity with multiple general security practices and toolsets

*How you'll make an impact *

  • A highly motivated senior security engineer who loves working in and with high-performing team that interface with the entire enterprise
  • A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion
  • Someone who cares deeply for team results but can work independently to deliver high-quality solutions for projects and operational tasks
  • Comfortable balancing the need to move fast with the realities of working in a highly regulated organization
  • Someone who thrives in situations where details and accuracy are vital
  • A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who can complete tasks and deliverables with minimal oversight
  • Work closely with Enterprise IT teams on securing access to WEX's infrastructure and applications
  • Able to mentor other engineers both technically and professional
  • Have exceptional knowledge of commonly used Identity tools/platforms.
  • Configure, troubleshoot and maintain identity access platforms and infrastructure
  • Install/implement and configure security applications that monitor systems & infrastructures
  • Have IT experience and knowledge of operating systems and their access controls
  • Monitor systems for irregular behavior and set up preventive measures
  • Plan, develop, implement and update the company's information security strategy
  • Handle security business-critical tasks and security systems administration
  • Install, configure, update and troubleshoot our global security tools and services
  • Identify, define and document system security requirements and recommend solutions to management
  • Develop, execute and track the performance of security measures to protect the information, servers, and computer systems
  • Write comprehensive guides, standards and reports including assessment-based findings, outcomes, and recommendations for security enhancements
  • Have a diverse background in IT, security, and supporting processes

*Experience you'll bring *

  • Are able to communicate effectively in both written and spoken English
  • Have hands-on administrative and development experience with Identity Access platforms including installation, configuration, and administration.
  • Experience working with Sailpoint
  • Have a strong understanding of Identity Access Management, including governance, lifecycle and compliance.
  • Have experience with scripting and automation using languages such as Java.
  • Are familiar with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS).
  • Have excellent analytical, problem-solving, and communication skills.
  • Have a strong, practical understanding of modern IT infrastructure, networking, and security engineering concepts
  • Can troubleshoot information security issues within a complex environment
  • Experience in engineering and implementing solutions that meet security, compliance, and business needs
  • Can commit and deliver on defined project/delivery timelines with minimal supervision
  • Can work in an on-call rotation which may include some night and weekend shifts
  • Relevant certifications for Sailpoint Certified Engineer.
  • Experience working with Java/Beanshell languages
  • Experience working with Linux OS
  • Basic Network security knowledge
  • Experience working with OKTA, Auth0
  • Experience working with Delinea PAM, CrowdStrike Identity Protection, IT Access using Artificial intelligence.
Desculpe, este trabalho não está disponível em sua região

Global Information Security Engineer

Portão, Rio Grande do Sul Stahl

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

WHAT YOUR RESPONSIBILITIES WILL INCLUDE:
This role will be responsible for for security incident handling and designing, implementing, monitoring and maintaining the mainly technical information security controls and services to protect Stahl's information assets. Interacting with local and global IT professionals beyond and within Stahl.

JOB DESCRIPTION:

  • Guard and monitor the overall security architecture to suitably and effectively protect all of Stahl's information and IT assets.
  • Propose, design and implement fit for purpose security solutions based on internal policy requirements or any identified risk.
  • Execute high quality periodical risk assessments.
  • Proper and timely follow up upon any identified security alerts.
  • Review and report on the security posture and performance of external IT security suppliers
  • Be the main technical contact for external security suppliers
  • Provide multi-level cyber security reporting and dashboards to different internal stakeholders.
  • Drive and maintain compliance to information security standards for any new IT solutions and or change proposals.
  • Maintain adequate security documentation.

Specific requirement
This job requires the ability to bypass information security controls hence elevated levels of Integrity and Confidentiality are required for this role.

Certifications such as CISSP, CEH, Microsoft security or willing to get certified.

Thorough knowledge in IT Infra technology (clients, servers, network, IAM, 2FA, vulnerability management, firewalls and other cyber security relevant topics).

Structured, accurate and disciplined in planning and execution.

Good communication skills in English

Important:
The candidate must live in Rio Grande do Sul (near Porto Alegre) / Brazil OR México ( near León or Toluca)

Considering the importance and role of this position, if you´re approved we will check your personal credentials.

WHAT DO WE OFFER?
At Stahl we offer working in an international, challenging, growing and dynamic organization, with the opportunity to have a real impact on the company, the people and the environment. An employment conditions package with excellent secondary employment conditions is offered. This package includes:

  • Attractive salary that matches the responsibilities and experience
  • Health insurance
  • Pension Plan
  • Bonus
  • Voluntary day
  • Extensive career development opportunities.
Desculpe, este trabalho não está disponível em sua região

Senior Information Security Engineer

São Paulo, São Paulo R$90000 - R$120000 Y endava

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Company Description

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.

By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.

From prototype to real-world impact - be part of a global shift by doing work that matters.

Job Description

We are seeking a Senior Cybersecurity Specialist with deep expertise in Privileged Access Management (PAM) to join our dynamic security team. The ideal candidate will possess strong experience with CyberArk (or similar PAM platforms), and be skilled in problem-solving, critical thinking, and cross-functional collaboration in a global enterprise. A high level of English proficiency is essential for success in this role.

Key Responsibilities:

  • Lead the design, implementation, and lifecycle management of Privileged Access Management solutions, with a strong focus on CyberArk.
  • Enforce PAM policies, develop secure access practices, and perform risk assessments on privileged access.
  • Integrate PAM solutions with enterprise systems including Identity and Access Management tools such as Okta.
  • Manage and respond to security incidents involving privileged users or accounts.
  • Collaborate with infrastructure, DevOps, and application teams to ensure secure integration of PAM solutions.
  • Work with IT Service Management platforms (especially ServiceNow) to manage change management and approvals.
  • Document procedures, playbooks, and system configurations aligned with best practices.
  • Use tools such as Jira for tracking, planning, and project execution.
  • Operate effectively using modern collaboration tools like Webex, Slack, and other enterprise communication platforms.
  • Follow ITIL best practices in service delivery and incident/change/problem management processes.
  • Participate in audits and ensure compliance with internal policies and external regulatory requirements.

Qualifications

Qualifications:

Must-Have:

  • 5+ years of cybersecurity experience, with at least 3 years focused on Privileged Access Management.
  • Proven hands-on expertise with CyberArk or equivalent PAM tools.
  • Strong knowledge of Identity and Access Management (IAM), especially using Okta.
  • Experience with ITIL-based service management, particularly change management processes in ServiceNow.
  • Familiarity with Jira, ticketing systems, and project workflow tools.
  • Proficiency in modern collaboration platforms: Webex, Slack, Teams, and others.
  • Advanced written and spoken English communication skills.
  • Excellent problem-solving and critical thinking capabilities.
  • Strong knowledge of Active Directory, LDAP, and integration with various enterprise systems.

Nice to have:

  • CyberArk certifications (e.g., Defender, Sentry).
  • Experience with scripting languages (PowerShell, Python).
  • Familiarity with security frameworks (e.g., NIST, ISO
  • Experience in cloud platforms (AWS, Azure, GCP) and managing privileged access in hybrid environments.

Additional Information

Additional information

Discover some of the global benefits that empower our people to become the best version of themselves:

  • Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
  • Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
  • Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
  • Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
  • Health: Global internal wellbeing programme, access to wellbeing apps;
  • Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

At Endava, we're committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.

Desculpe, este trabalho não está disponível em sua região

Security Engineer

Fortaleza, Ceará LEDN

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

About the Role

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

Responsibilities
  • Application Security
    Lead secure design and code reviews across engineering teams.
  • Define and enforce secure coding practices for JavaScript/TypeScript services.
  • Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
  • Conduct threat modeling and risk assessments for new features.
  • Partner with engineers to remediate vulnerabilities and improve secure development practices.
  • Authentication & Identity
    Own the roadmap for authentication and identity across customer and internal applications.
  • Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
  • Collaborate with Product to align usability, compliance, and security in authentication flows.
  • Define secure approaches to session management, device trust, and account recovery.
  • Confidential Computing (AWS Nitro Enclaves)
    Design enclave‑based architectures to isolate and protect sensitive workloads.
  • Integrate Nitro Enclaves with KMS and secure APIs.
  • Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
  • Ensure compliance, auditability, and resilience of enclave workloads.
  • Additional Security Domains
    Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
  • Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
  • Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
  • Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.
What You Bring to Ledn
  • 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
  • Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
  • Expertise with AWS security best practices, particularly in serverless architectures.
  • Hands‑on experience with AWS Nitro Enclaves for confidential computing.
  • Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
  • Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
  • Background in SIEM design and log correlation across cloud and application layers.
  • Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
  • Experience with Secure Code Review.
  • Understanding of software supply chain.
  • Deep understanding of Linux internals.
  • Remediate vulnerabilities identified in penetration test reports.
  • Strong communication and collaboration skills, able to influence engineering and product teams.
Nice to Haves
  • Familiarity with Bitcoin custody and key management practices.
  • Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
  • Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.
Culture Fit
  • Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
  • Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
  • Builder’s mindset, excited to create, iterate, and scale IS practices.
  • Collaborative partner, able to influence across functions and cultures with empathy and clarity.
  • Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
  • Remote work experience.
A Taste of What We Provide
  • Comprehensive, best‑in‑class total rewards package that starts on your first day.
  • Competitive PTO package.
  • Ownership in the company through shared equity.
  • Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
  • Career that provides purpose in your job.
  • We remove barriers so you love what you do.
  • Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
  • Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.
Seniority Level – Mid‑Senior Employment Type – Full‑time Job Function – Information Technology Industries – Retail

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região

Security Engineer

86099-899 Londrina, Paraná LEDN

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

About the Role

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

Responsibilities
  • Application Security
    Lead secure design and code reviews across engineering teams.
  • Define and enforce secure coding practices for JavaScript/TypeScript services.
  • Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
  • Conduct threat modeling and risk assessments for new features.
  • Partner with engineers to remediate vulnerabilities and improve secure development practices.
  • Authentication & Identity
    Own the roadmap for authentication and identity across customer and internal applications.
  • Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
  • Collaborate with Product to align usability, compliance, and security in authentication flows.
  • Define secure approaches to session management, device trust, and account recovery.
  • Confidential Computing (AWS Nitro Enclaves)
    Design enclave‑based architectures to isolate and protect sensitive workloads.
  • Integrate Nitro Enclaves with KMS and secure APIs.
  • Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
  • Ensure compliance, auditability, and resilience of enclave workloads.
  • Additional Security Domains
    Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
  • Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
  • Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
  • Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.
What You Bring to Ledn
  • 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
  • Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
  • Expertise with AWS security best practices, particularly in serverless architectures.
  • Hands‑on experience with AWS Nitro Enclaves for confidential computing.
  • Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
  • Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
  • Background in SIEM design and log correlation across cloud and application layers.
  • Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
  • Experience with Secure Code Review.
  • Understanding of software supply chain.
  • Deep understanding of Linux internals.
  • Remediate vulnerabilities identified in penetration test reports.
  • Strong communication and collaboration skills, able to influence engineering and product teams.
Nice to Haves
  • Familiarity with Bitcoin custody and key management practices.
  • Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
  • Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.
Culture Fit
  • Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
  • Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
  • Builder’s mindset, excited to create, iterate, and scale IS practices.
  • Collaborative partner, able to influence across functions and cultures with empathy and clarity.
  • Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
  • Remote work experience.
A Taste of What We Provide
  • Comprehensive, best‑in‑class total rewards package that starts on your first day.
  • Competitive PTO package.
  • Ownership in the company through shared equity.
  • Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
  • Career that provides purpose in your job.
  • We remove barriers so you love what you do.
  • Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
  • Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.
Seniority Level – Mid‑Senior Employment Type – Full‑time Job Function – Information Technology Industries – Retail

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região

Security Engineer

23799-899 Rio de Janeiro , Rio de Janeiro LEDN

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

About the Role

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

Responsibilities
  • Application Security
    Lead secure design and code reviews across engineering teams.
  • Define and enforce secure coding practices for JavaScript/TypeScript services.
  • Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
  • Conduct threat modeling and risk assessments for new features.
  • Partner with engineers to remediate vulnerabilities and improve secure development practices.
  • Authentication & Identity
    Own the roadmap for authentication and identity across customer and internal applications.
  • Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
  • Collaborate with Product to align usability, compliance, and security in authentication flows.
  • Define secure approaches to session management, device trust, and account recovery.
  • Confidential Computing (AWS Nitro Enclaves)
    Design enclave‑based architectures to isolate and protect sensitive workloads.
  • Integrate Nitro Enclaves with KMS and secure APIs.
  • Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
  • Ensure compliance, auditability, and resilience of enclave workloads.
  • Additional Security Domains
    Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
  • Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
  • Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
  • Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.
What You Bring to Ledn
  • 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
  • Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
  • Expertise with AWS security best practices, particularly in serverless architectures.
  • Hands‑on experience with AWS Nitro Enclaves for confidential computing.
  • Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
  • Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
  • Background in SIEM design and log correlation across cloud and application layers.
  • Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
  • Experience with Secure Code Review.
  • Understanding of software supply chain.
  • Deep understanding of Linux internals.
  • Remediate vulnerabilities identified in penetration test reports.
  • Strong communication and collaboration skills, able to influence engineering and product teams.
Nice to Haves
  • Familiarity with Bitcoin custody and key management practices.
  • Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
  • Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.
Culture Fit
  • Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
  • Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
  • Builder’s mindset, excited to create, iterate, and scale IS practices.
  • Collaborative partner, able to influence across functions and cultures with empathy and clarity.
  • Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
  • Remote work experience.
A Taste of What We Provide
  • Comprehensive, best‑in‑class total rewards package that starts on your first day.
  • Competitive PTO package.
  • Ownership in the company through shared equity.
  • Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
  • Career that provides purpose in your job.
  • We remove barriers so you love what you do.
  • Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
  • Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.
Seniority Level – Mid‑Senior Employment Type – Full‑time Job Function – Information Technology Industries – Retail

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região
Seja o primeiro a saber

Sobre o mais recente Cissp Empregos em Brasil !

Security Engineer

13209-201 Jundiaí, São Paulo LEDN

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

About the Role

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

Responsibilities
  • Application Security
    Lead secure design and code reviews across engineering teams.
  • Define and enforce secure coding practices for JavaScript/TypeScript services.
  • Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
  • Conduct threat modeling and risk assessments for new features.
  • Partner with engineers to remediate vulnerabilities and improve secure development practices.
  • Authentication & Identity
    Own the roadmap for authentication and identity across customer and internal applications.
  • Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
  • Collaborate with Product to align usability, compliance, and security in authentication flows.
  • Define secure approaches to session management, device trust, and account recovery.
  • Confidential Computing (AWS Nitro Enclaves)
    Design enclave‑based architectures to isolate and protect sensitive workloads.
  • Integrate Nitro Enclaves with KMS and secure APIs.
  • Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
  • Ensure compliance, auditability, and resilience of enclave workloads.
  • Additional Security Domains
    Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
  • Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
  • Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
  • Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.
What You Bring to Ledn
  • 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
  • Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
  • Expertise with AWS security best practices, particularly in serverless architectures.
  • Hands‑on experience with AWS Nitro Enclaves for confidential computing.
  • Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
  • Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
  • Background in SIEM design and log correlation across cloud and application layers.
  • Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
  • Experience with Secure Code Review.
  • Understanding of software supply chain.
  • Deep understanding of Linux internals.
  • Remediate vulnerabilities identified in penetration test reports.
  • Strong communication and collaboration skills, able to influence engineering and product teams.
Nice to Haves
  • Familiarity with Bitcoin custody and key management practices.
  • Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
  • Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.
Culture Fit
  • Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
  • Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
  • Builder’s mindset, excited to create, iterate, and scale IS practices.
  • Collaborative partner, able to influence across functions and cultures with empathy and clarity.
  • Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
  • Remote work experience.
A Taste of What We Provide
  • Comprehensive, best‑in‑class total rewards package that starts on your first day.
  • Competitive PTO package.
  • Ownership in the company through shared equity.
  • Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
  • Career that provides purpose in your job.
  • We remove barriers so you love what you do.
  • Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
  • Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.
Seniority Level – Mid‑Senior Employment Type – Full‑time Job Function – Information Technology Industries – Retail

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região

Security Engineer

38438-899 Uberlândia, Minas Gerais LEDN

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Join to apply for the Security Engineer role at LEDN .

About Ledn

LEDN is a global financial services company that delivers digital asset lending, savings, and trading products across more than 150 countries. We believe that digital assets can democratize access to the global economy and are building products and services that enable that vision. Our core values are act with integrity, own it, have a passion for progress, and lead with empathy.

Opportunity

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role drives tactical improvements and long‑term strategy for securing our applications and authentication systems across JavaScript/TypeScript services, AWS serverless stack, MongoDB, Kubernetes microservices, and more.

Responsibilities
  • Application Security: Lead secure design and code reviews across engineering teams; define and enforce secure coding practices; automate vulnerability detection (SAST, SCA, DAST); conduct threat modeling; partner with engineers to remediate vulnerabilities.
  • Authentication & Identity: Own the roadmap for authentication and identity across customer and internal applications; enhance Cognito-based identity architecture with phishing‑resistant MFA solutions (WebAuthn, passkeys, hardware tokens); define secure session management and device trust approaches.
  • Confidential Computing (AWS Nitro Enclaves): Design enclave‑based architectures; integrate Nitro Enclaves with KMS and secure APIs; migrate high‑value operations into enclave environments; ensure compliance, auditability, and resilience.
  • Additional Security Domains: Harden AWS services with least‑privilege IAM and secure key management; improve Kubernetes security posture; deploy and operate a SIEM framework with detection rules and incident playbooks; support SOC 2, ISO 27001 compliance initiatives.
Qualifications
  • 10+ years of proven experience in Application Security focused on web and cloud‑native applications.
  • Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10).
  • Expertise with AWS security best practices, especially for serverless architectures.
  • Hands‑on experience with AWS Nitro Enclaves for confidential computing.
  • Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
  • Practical experience with Cognito/Auth0 (MFA, custom flows, secure session handling).
  • Background in SIEM design and log correlation across cloud and application layers.
  • Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
  • Experience with Secure Code Review and software supply chain security.
  • Strong communication and collaboration skills; able to influence engineering and product teams.
Nice to Haves
  • Familiarity with Bitcoin custody and key management practices.
  • Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
  • Prior work on user‑facing security features such as passwordless authentication and device trust.
Culture Fit
  • Adaptable, resilient, and comfortable navigating ambiguity in a fast‑paced, high‑growth environment.
  • Builder’s mindset, excited to create, iterate, and scale security practices.
  • Collaborative partner who influences across functions and cultures with empathy and clarity.
  • Demonstrates integrity and accountability, especially around confidential information and diverse legal contexts.
  • Has worked in a remote environment and can manage a remote first organization.
Benefits
  • Competitive PTO package and flexible work arrangements; remote work allowed up to 180 days per year.
  • Ownership in the company through equity and crypto‑asset incentives.
  • Growth opportunities in a leading digital‑asset company.
  • Comprehensive total rewards package, including remote benefits and health coverage.

LEDN is an equal‑opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Accommodation requests can be submitted confidentially throughout the recruitment process.

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região

Security Engineer

06299-899 Osasco, São Paulo LEDN

Hoje

Trabalho visualizado

Toque novamente para fechar

Descrição Do Trabalho

Join to apply for the Security Engineer role at LEDN .

About Ledn

LEDN is a global financial services company that delivers digital asset lending, savings, and trading products across more than 150 countries. We believe that digital assets can democratize access to the global economy and are building products and services that enable that vision. Our core values are act with integrity, own it, have a passion for progress, and lead with empathy.

Opportunity

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role drives tactical improvements and long‑term strategy for securing our applications and authentication systems across JavaScript/TypeScript services, AWS serverless stack, MongoDB, Kubernetes microservices, and more.

Responsibilities
  • Application Security: Lead secure design and code reviews across engineering teams; define and enforce secure coding practices; automate vulnerability detection (SAST, SCA, DAST); conduct threat modeling; partner with engineers to remediate vulnerabilities.
  • Authentication & Identity: Own the roadmap for authentication and identity across customer and internal applications; enhance Cognito-based identity architecture with phishing‑resistant MFA solutions (WebAuthn, passkeys, hardware tokens); define secure session management and device trust approaches.
  • Confidential Computing (AWS Nitro Enclaves): Design enclave‑based architectures; integrate Nitro Enclaves with KMS and secure APIs; migrate high‑value operations into enclave environments; ensure compliance, auditability, and resilience.
  • Additional Security Domains: Harden AWS services with least‑privilege IAM and secure key management; improve Kubernetes security posture; deploy and operate a SIEM framework with detection rules and incident playbooks; support SOC 2, ISO 27001 compliance initiatives.
Qualifications
  • 10+ years of proven experience in Application Security focused on web and cloud‑native applications.
  • Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10).
  • Expertise with AWS security best practices, especially for serverless architectures.
  • Hands‑on experience with AWS Nitro Enclaves for confidential computing.
  • Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
  • Practical experience with Cognito/Auth0 (MFA, custom flows, secure session handling).
  • Background in SIEM design and log correlation across cloud and application layers.
  • Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
  • Experience with Secure Code Review and software supply chain security.
  • Strong communication and collaboration skills; able to influence engineering and product teams.
Nice to Haves
  • Familiarity with Bitcoin custody and key management practices.
  • Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
  • Prior work on user‑facing security features such as passwordless authentication and device trust.
Culture Fit
  • Adaptable, resilient, and comfortable navigating ambiguity in a fast‑paced, high‑growth environment.
  • Builder’s mindset, excited to create, iterate, and scale security practices.
  • Collaborative partner who influences across functions and cultures with empathy and clarity.
  • Demonstrates integrity and accountability, especially around confidential information and diverse legal contexts.
  • Has worked in a remote environment and can manage a remote first organization.
Benefits
  • Competitive PTO package and flexible work arrangements; remote work allowed up to 180 days per year.
  • Ownership in the company through equity and crypto‑asset incentives.
  • Growth opportunities in a leading digital‑asset company.
  • Comprehensive total rewards package, including remote benefits and health coverage.

LEDN is an equal‑opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Accommodation requests can be submitted confidentially throughout the recruitment process.

#J-18808-Ljbffr
Desculpe, este trabalho não está disponível em sua região

Locais próximos

Outros empregos perto de mim

Indústria

  1. workAdministrativo
  2. ecoAgricultura e Florestas
  3. schoolAprendizagem e Estágios
  4. apartmentArquitetura
  5. paletteArtes e Entretenimento
  6. paletteAssistência Médica
  7. diversity_3Assistência Social
  8. diversity_3Atendimento ao Cliente
  9. flight_takeoffAviação
  10. account_balanceBanca e Finanças
  11. spaBeleza e Bem-Estar
  12. shopping_bagBens de grande consumo (FMCG)
  13. restaurantCatering
  14. point_of_saleComercial e Vendas
  15. shopping_cartCompras
  16. constructionConstrução
  17. supervisor_accountConsultoria de Gestão
  18. person_searchConsultoria de Recrutamento
  19. person_searchContábil
  20. brushCriativo e Digital
  21. currency_bitcoinCriptomoedas e Blockchain
  22. child_friendlyCuidados Infantis
  23. shopping_cartE-commerce e Redes Sociais
  24. schoolEducação e Ensino
  25. boltEnergia
  26. medical_servicesEnfermagem
  27. foundationEngenharia Civil
  28. electrical_servicesEngenharia Eletrotécnica
  29. precision_manufacturingEngenharia Industrial
  30. buildEngenharia Mecânica
  31. scienceEngenharia Química
  32. biotechFarmacêutico
  33. gavelFunção Pública
  34. gavelGerenciamento
  35. gavelGerenciamento de Projetos
  36. gavelHotelaria e Turismo
  37. smart_toyIA e Tecnologias Emergentes
  38. home_workImobiliário
  39. handymanInstalação e Manutenção
  40. gavelJurídico
  41. gavelLazer e Esportes
  42. clean_handsLimpeza e Saneamento
  43. inventory_2Logística e Armazenamento
  44. inventory_2Manufatura e Produção
  45. campaignMarketing
  46. local_hospitalMedicina
  47. local_hospitalMídia e Relações Públicas
  48. constructionMineração
  49. medical_servicesOdontologia
  50. sciencePesquisa e Desenvolvimento
  51. local_gas_stationPetróleo e Gás
  52. emoji_eventsRecém-Formados
  53. groupsRecursos Humanos
  54. securitySegurança da Informação
  55. local_policeSegurança Pública
  56. policySeguros
  57. diversity_3Serviços Sociais
  58. directions_carSetor Automotivo
  59. wifiTelecomunicações
  60. psychologyTerapia
  61. codeTI e Software
  62. local_shippingTransporte
  63. local_shippingVarejo
  64. petsVeterinária
Ver tudo Cissp Empregos