Contract Program Security Officer for 2 Circle Consulting Inc. Develops and administers security programs while ensuring compliance with US Government regulations in a Hybrid work setting.
CE
Hybrid Information Security Coordinator – Affirmative Action for Black and Mixed-Race Talent
Posted 4 weeks ago
About the role
- Coordinating Embracon's information security team and establishing continuous improvement metrics and goals. Leading governance frameworks and security operations for a diverse organization.
Responsibilities
- Coordinate and develop the information security team, promoting a culture of technical excellence and continuous improvement
- Establish objectives, goals and performance indicators (KPIs/KRIs) for the area
- Conduct monitoring ceremonies and report executive status to the CISO and security committees
- Implement and maintain an information security governance framework aligned with ISO 27001, NIST, CIS Controls and LGPD
- Develop and review security policies, procedures and standards
- Manage the security compliance and audit program
- Conduct risk assessments and vulnerability treatment
- Administer Identity and Access Management (IAM) solutions
- Implement and operate a corporate password vault
- Ensure segregation of duties (SoD) and least-privilege principles
- Manage the lifecycle of digital identities and periodic access reviews
- Oversee SOC (Security Operations Center) and SIEM operations
- Manage the detection and incident response program
- Coordinate penetration tests (pentests) and vulnerability remediation
- Oversee vulnerability management (GVUD) and patching
- Implement DevSecOps practices in the development lifecycle
- Manage code analysis tools (SAST/DAST/SCA)
- Integrate security into CI/CD pipelines
- Conduct security reviews of architectures and applications
- Manage protection solutions: WAF, IPS/IDS, DLP, CASB
- Implement and monitor data loss prevention controls
- Supervise cloud and hybrid environment security
- Ensure protection of endpoints and critical infrastructure
- Work alongside the DPO to implement privacy controls
- Ensure compliance with LGPD and sector-specific regulations
- Implement Privacy by Design in projects
- Manage processes for handling personal data
Requirements
- Bachelor’s degree in Information Technology, Computer Science, Engineering, Information Systems or related fields
- Advanced English
- Minimum 5 years of experience in Information Security
- At least 2 years in a leadership/coordinator position
- Proven experience in medium/large companies or the financial sector
- Deep knowledge of identity and access management (IAM)
- Practical experience with SOC/SIEM
- Proficiency with vulnerability management tools
- Solid knowledge of WAF, IPS/IDS, DLP and CASB
- Experience with DevSecOps and application security tools
- Knowledge of frameworks: ISO 27001, NIST CSF, CIS Controls
- Understanding of LGPD and data protection
- Certifications: CISSP, CISM, ISO 27001 Lead Implementer/Auditor, CEH, CCSP, certifications in specific tools (Splunk, AWS Security, etc.)
- Fluent in English
Benefits
- Medical, dental and psychological assistance
- Transportation allowance
- Meal or food allowance
- Partnerships with gym and wellness networks
- Life insurance
- Birthday day off
- Quality-of-life programs
- "We’re Pregnant!" programs (pregnancy support)
- Recognition programs
- Private pension plan
- Education scholarship/grant
- Student transportation voucher
- Marriage benefit
- 6-month maternity leave
- 20-day paternity leave
- Payroll-deductible loans
- Employee discounted consortium purchase
- Profit-sharing program (PPR)
- Embracon Corporate University (UCE)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Contract Program Security Officer at 2 Circle Consulting Inc. overseeing government security compliance and managing personnel clearances. Administering security programs and policies in a hybrid role.
Cybersecurity Third - Party Risk Management Consultant leading risk assessments and compliance tracking for NIH/HHS systems. Managing third - party risk with a focus on federal cybersecurity mandates.
Entry - Level Network Security Engineer assisting IT security team with firewall implementation and monitoring. Focused on maintaining network integrity in a hybrid work environment.
Cybersecurity Designer executing and proposing process improvements at Bancolombia. Collaborating on cybersecurity functions to enhance client protection and information security.
Microsoft Security Specialist role at Syntax focused on delivering Microsoft security workshops and advisory engagements. Collaborating on technology implementation while ensuring customer security success.
Cybersecurity Specialist developing IT resilience and disaster recovery concepts for a global scale in secure IT services. Collaborating across borders in shaping organizational security standards.
Senior Cybersecurity Scrum Master focusing on release management at AT&T, collaborating across teams and managing production change requests with an Agile mindset.
BISO responsible for planning and executing enterprise - wide information security initiatives at Elsevier. Driving cybersecurity awareness and managing technical risk assessments for organizational improvements.
Develop innovative Cloud architectures on Microsoft Azure platforms. Secure cloud infrastructure and applications against various threats while working in a project team.