Cloud Cybersecurity Engineer supporting multi - cloud environments for critical USAF missions. Designing, deploying, and maintaining security for AWS, Azure, Google, and Oracle Clouds.
About the role
- Security Engineering Coordinator leading security teams at Banco Bmg. Focus on secure development practices and collaboration across technical and product squads.
Responsibilities
- Lead the Security Engineering team - Security Architecture, Attack Surface Management and Application Security (DevSecOps)
- Coordinate and guide teams responsible for the secure development lifecycle (SDLC), defining secure architectural standards and the continuous management of the organization’s attack surface.
- Distribute tasks, monitor indicators, review priorities and promote a collaborative environment among technology, product and infrastructure squads.
- Define and maintain the security strategy for applications, architecture and external risk management.
- Ensure adherence to frameworks and best practices such as CIS Controls, NIST CSF, OWASP, ISO 27001, MITRE ATT&CK and internal policies.
- Participate in the development and evolution of security policies, standards and technical requirements.
- Lead Secure by Design and Shift Left initiatives, integrating security practices into the CI/CD pipeline.
- Structure and supervise programs such as SAST, DAST, SCA, IaC scanning, Threat Modeling, security reviews and advanced testing (including pentests).
- Support developers and agile teams with training, guidance and secure coding standards.
- Define the corporate security architecture, ensuring that solutions and projects are designed with Zero Trust, Defense in Depth and data protection principles.
- Evaluate new technologies, review architectural proposals and support cloud journeys, system modernization and platform integrations.
- Identify logical and complex vulnerabilities not detectable by automated tools.
- Perform advanced manual analyses of code, APIs, authentication, cryptography and authorization controls.
- Serve as a technical reference in discussions with IT, business and compliance areas.
- Coordinate identification and continuous monitoring of internet-exposed assets, external vulnerabilities, shadow IT and third-party risks.
- Manage ASM tools, external scanners, threat intelligence and remediation processes in collaboration with infrastructure and development teams.
- Produce executive reports and risk analyses to support decision-making.
- Facilitate communication between technical teams, management, auditors, vendors and technology partners.
- Translate technical risks into clear executive language to support prioritization and strategic alignment.
Requirements
- Previous experience in leadership or coordination roles of security teams.
- Strong experience in at least two of the following areas:
- Application Security
- Security Architecture
- Vulnerability Management / ASM
- Strong experience with cloud environments (AWS, Azure, GCP and OCI) and modern architectures (microservices, Kubernetes, APIs).
- Deep fundamentals in application security, cryptography, OWASP Top 10, secure coding standards and CI/CD integrations.
- Proficiency with frameworks and references such as:
- NIST CSF / SP 800-53
- CIS Controls v8
- OWASP SAMM
- MITRE ATT&CK / D3FEND
- OWASP ASVS
- NIST 800-115
- Knowledge of common tools:
- SAST/DAST
- SCA
- ASM
- Experience with Threat Modeling and architectural review.
- Experience with WAF, DLP, EDR, proxy, API management, NDR.
- Ability to communicate clearly, adapting language for technical and executive audiences.
- Problem-solving orientation, prioritization and risk-based decision making.
- Ability to lead multidisciplinary teams, influence stakeholders and navigate complex environments.
- Adversarial mindset ("offensive mindset") with ethics and responsibility.
- Desired certifications:
- CISSP, CCSP, CSSLP, CISM, CEH, Security+
- Cloud certifications: AWS Security, Azure AZ-500, GCP Security and OCI
- Advanced English
Benefits
- Health plan with no monthly fee + Telemedicine;
- Dental plan with no monthly fee;
- Meal and food vouchers;
- Life insurance;
- Funeral assistance;
- Private pension plan;
- Competitive annual variable compensation (bonus);
- PPR - Profit Sharing Program;
- Único Skill (free education benefit);
- Bike rack and changing rooms;
- Childcare assistance;
- Internet allowance;
- Wellness programs;
- On-site clinic;
- Pregnancy program;
- Extended maternity and paternity leave;
- Copay waiver for pregnant women and babies up to 1 year;
- Personalized baby kit;
- Dr. BMG – Telepsychology + Telemedicine + Nutritionist + Nurse and Physical Education professional, extended to dependents;
- PAP - Financial, legal and psychological advisory program;
- Gympass/Wellhub - Discounts at gyms;
- Pharmacy discount program;
- Fresh fruit every day;
- Birthday day off;
- Flexible dress code;
- Hybrid work model.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Information Systems Security Engineer (ISSE) driving cybersecurity initiatives in the Digital Modernization Sector. Supporting A&A efforts and ensuring security compliance with federal requirements.
Intern supporting occupational safety and health initiatives at ALTEN Mexico. Assisting in risk management and promoting safe work environments through regulatory compliance and innovation.
Senior SAP Security Specialist working with SAP Security solutions on customer projects. Responsible for workshops and leading consultancy in SAP Security environments.
Cybersecurity Engineer ensuring the security of IT & OT systems at ArianeGroup. Collaborating with internal teams and overseeing compliance and protection measures.
Professional focused on Cloud Security solutions and DevSecOps at innovative tech consulting firm Leega. Implementing security for AWS services and integrating security analysis tools.
Internship for building and deploying SSE/MASE system while working closely with management at I3P, a firm specialized in electrical networks.
Technicien d'installation de dispositifs antichute supervisant l'installation et la sécurité. Participer aux visites de chantier, préparer et gérer l'installation avec une autre personne.
Installs complete fall protection systems ensuring safety compliance. Managing team and quality of work on construction sites in a hybrid role.
IT Specialist ensuring smooth IT operations in a growing beauty company. Collaborate with external service providers and support internal teams with compliance and documentation.