Engineer managing and supervising the Safety team at Localiza&Co in São Paulo. Overseeing safety policies and ensuring compliance with health and safety standards.
About the role
- Senior Information Security Engineer supporting advanced cybersecurity operations in AWS environment. Leading security measures and risk assessments to protect organizations from cyber threats.
Responsibilities
- Own end-to-end security operations: monitoring, investigation, and response across AWS, SaaS, and endpoint environments.
- Lead incident response from triage to root cause and executive reporting.
- Design and refine operational playbooks.
- Secure AWS using Wiz and native controls, proactively addressing misconfigurations and identity risks.
- Continuously assess cloud posture and drive remediation with Cloud Engineering, embedding secure-by-design principles.
- Own the vulnerability management lifecycle (Tenable), translating data into business risk decisions and driving architectural improvements.
- Manage and optimize endpoint detection and response (CrowdStrike).
- Oversee identity and access control validation, including quarterly reviews and least-privilege enforcement.
- Lead phishing simulations and security awareness.
- Build automation and response workflows with Torq to accelerate remediation.
- Continuously evaluate and optimize the security stack; identify bottlenecks and engineer scalable solutions.
- Maintain and mature compliance (ISO 27001, SOC 2, PCI-DSS) using Drata for continuous monitoring and audit readiness.
- Conduct control testing (CIS Benchmarks, MITRE ATT&CK).
- Support risk assessments and security evaluations.
- Act as a security advisor to IT, Engineering, and business leadership, providing risk-informed guidance and helping shape the security program roadmap.
Requirements
- 5+ years of progressive experience in Information Security, Cloud Security, or Security Operations.
- Strong hands-on experience with modern security tooling, including Splunk, Wiz, Tenable, CrowdStrike, Torq, and Drata.
- Proven experience securing AWS and SaaS-based environments.
- Experience operating within regulated environments (ISO 27001, SOC 2, PCI-DSS).
- Familiarity with CIS Benchmarks, MITRE ATT&CK, and modern security architecture principles.
- Ability to independently prioritize, execute, and drive outcomes across multiple domains.
- Clear communication skills with the ability to translate technical risk to business stakeholders.
- High integrity, strong ownership mindset, and a bias toward action.
Benefits
- Medical, dental, vision, and disability insurance
- Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave
- Unique professional development benefits with Annual “development dollars” to support our people growth and development
- Wellness contests and monthly educational programs
- 401(K) retirement program
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Technical Leader at VISION Cybersecurity overseeing SOC operations and guiding security investigations. Responsible for improving detection mechanisms and collaboration with security engineering teams.
Network Security Analyst configuring and maintaining Firewall solutions at Vision Cybersecurity. Collaborating with teams to manage security incidents and protect network integrity.
Security & Compliance Manager leading Tagup’s security and compliance efforts in defense technology. Engaging in national security initiatives and driving compliance with federal standards.
Security Researcher specializing in Windows and macOS threat detection for an AI - powered security platform. Conducting research and developing detections for threats, malware, and vulnerabilities.
Information Security Specialist supporting operational execution of ISMS lifecycle tasks in Budapest. Collaborating with stakeholders for risk assessment and management activities.
Information Security Specialist responsible for ISMS lifecycle tasks at ALDI. Collaborating with stakeholders on risk assessment and treatment activities while ensuring effective governance.
Client Security Manager at Atos delivering security requirements for clients and supporting Information Security strategies. Engaging with client security organizations and managing security incidents and compliance.
Security Engineer providing application security guidance for YUM! e - commerce and mobile apps. Collaborate with teams to identify and remediate security vulnerabilities effectively in various applications.
Information Security Officer responsible for cybersecurity strategies and compliance in an IT service provider for food and beverage industry. Developing security standards, managing incidents, and collaborating with leadership.