Cyber Security Engineer

We are seeking a highly skilled Information & Cyber Security Engineer to join our team in São Paulo, Brazil, working closely with the Director, Information & Cyber Security.

The ideal candidate will have extensive expertise in information security domains, with a strong emphasis on security operations, threat hunting, incident response, and vulnerability management.

They will possess exceptional organizational and project management abilities, excellent communication skills in both Portuguese and English, and a deep understanding of Brazil's local regulatory environment.

This role will focus on designing, implementing, and maintaining robust security measures to protect the organization's systems, networks, and data while ensuring compliance with local and international regulations and contributing to the organization's global cybersecurity strategy.Key Responsibilities : Security Operations : Oversee and optimize security operations, including continuous monitoring of security systems, analyzing logs, and managing security information and event management tools to ensure real-time threat detection and response.Threat Hunting : Proactively hunt for advanced threats and vulnerabilities within the organization's environment, leveraging threat intelligence and advanced analytics to identify and neutralize potential risks before they materialize.Incident Response : Lead the investigation, containment, and resolution of security incidents, conducting thorough root cause analysis, developing remediation plans, and implementing lessons learned to prevent recurrence.Vulnerability Management : Design and execute a comprehensive vulnerability management program, including regular scanning, prioritization of vulnerabilities based on risk, and coordination with IT teams for timely patching and remediation.Security Implementation : Design, deploy, and manage security solutions across network, application, and data domains to safeguard organizational assets.Compliance : Ensure adherence to Brazil's regulatory requirements, including the General Data Protection Law (Lei Geral de Proteção de Dados - LGPD), and align with international standards such as ISO 27001 and GDPR.Global Strategy Contribution : Collaborate with global security teams and the Director, Information & Cyber Security to align local security initiatives with the organization's global cybersecurity strategy, sharing insights on regional threats and best practices to enhance enterprise-wide resilience.Project Management : Plan and execute security-related projects, ensuring timely delivery and alignment with organizational goals, under the guidance of the Director, Information & Cyber Security.Policy Development : Develop, update, and enforce security policies, procedures, and standards to maintain a secure environment, in collaboration with the Director, Information & Cyber Security.Collaboration : Work closely with cross-functional teams and the Director, Information & Cyber Security to integrate security practices into business processes and technology initiatives.Training and Awareness : Conduct security awareness training for employees to promote a culture of cybersecurity, tailoring content to both Portuguese- and English-speaking audiences.Monitoring and Reporting : Implement and monitor security tools, generating detailed reports in Portuguese and English to communicate risks, incidents, and compliance status to leadership and the Director, Information & Cyber Security.Qualifications : Education : Bachelor's degree (Bacharelado) in Computer Science, Information Technology, Cybersecurity, or a related field from a recognized Brazilian institution or equivalent international qualification.

Relevant certifications (e.g., CISSP, CISM, CEH, GCIH, or OSCP) are highly desirable.Experience : Minimum of 5 years of experience in information security, with at least 3 years focused on security operations, threat hunting, incident response, and vulnerability management.Technical Skills : Advanced knowledge of security operations, including security information and event management platforms, endpoint detection and response tools, and threat intelligence platforms.Expertise in threat hunting techniques, including behavioral analysis, anomaly detection, and leveraging industry-standard frameworks.Proven experience in incident response, including forensic analysis, malware analysis, and incident containment.Strong proficiency in vulnerability management tools and processes, including risk assessment and remediation tracking.Familiarity with network security, endpoint protection, identity and access management, and data encryption.Experience with cloud security frameworks is a plus.Regulatory Knowledge : In-depth understanding of Brazil's data protection regulations, particularly the General Data Protection Law (Lei Geral de Proteção de Dados - LGPD), and familiarity with global standards.Project Management : Demonstrated ability to manage complex security projects, with strong organizational and time-management skills.Communication : Excellent verbal and written communication skills in both Portuguese and English to effectively collaborate with local and global teams, present technical information to non-technical stakeholders, and develop clear documentation and reports.Soft Skills : Analytical mindset, attention to detail, proactive problem-solving, and ability to work under pressure in a fast-paced environment.Work Environment : This is a full-time, on-site position based in São Paulo, Brazil.Collaborative and dynamic work environment with opportunities for professional growth.Occasional travel may be required for training or collaboration with global teams.