Cybersecurity Engineer specializing in email security and collaboration security within the CyberSecurity Engineering team. Crucial role in protecting against email - based threats and enhancing security capabilities.
About the role
- Security Specialist focused on information security practices for Riachuelo's products and services. Design and implement secure systems architecture while mitigating risks and ensuring compliance.
Responsibilities
- Ensure that information security rules and best practices are applied across all products and services offered and contracted by Midway.
- Secure application design: responsible for developing and implementing application architectures that incorporate security principles from inception, ensuring protection against digital threats and compliance with security standards.
- Apply methodologies to strengthen security during the early phases of the solution lifecycle, promoting the use of best practices across technology environments.
- Act as the focal point for Midway's Board regarding information security matters.
- Create and implement application architectures with a security-focused approach, applying Security by Design principles to protect applications and systems from conception.
- Perform detailed analyses during application integration to identify and mitigate potential vulnerabilities, ensuring security across the solution architecture.
- Update and maintain a comprehensive library of security controls and requirements, making it available as a reference for secure development and ensuring adherence to industry best practices.
- Implement Threat Modeling during the analysis and planning phases of solutions, assessing risks to reinforce the security of application design.
- Design robust security controls in system and solution architectures, aligning with frameworks such as CIS Controls, CSA CCM, NIST and ISO/IEC 27000 to maintain compliance with security standards.
- Implement the Zero Trust concept and the Principle of Least Privilege within designed architectures, minimizing the risk of unauthorized access and promoting a proactive security posture.
- Apply expertise in cloud computing platforms (Azure, GCP, OCI, SAP Cloud) and API solutions to create secure and scalable environments, aligning with specific cloud security requirements.
Requirements
- Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Systems or related IT fields.
- Information security certifications such as ISO/IEC 27001, ITIL, Security+ and product-specific security certifications.
- Languages: Advanced English.
- Advanced knowledge in:
- SDLC (Software Development Life Cycle)
- Threat modeling (STRIDE, MITRE ATT&CK)
- Ability to interpret system architectures to identify information security risks and propose mitigations
- Deep knowledge of operating systems, networks, data structures and cloud environments (AWS, GCP, Azure, OCI)
- Experience implementing security controls in cloud computing solutions (IaaS, PaaS, SaaS)
- Experience with security controls for networks, operating systems, web and mobile applications, REST APIs and databases
- Knowledge of system integration with identity providers (SAML, OIDC, SCIM)
- Knowledge of data encryption
- Knowledge of secure development techniques
Benefits
- Health insurance
- Dental insurance
- Meal allowance
- Grocery allowance
- Gympass
- Childcare assistance
- Culture voucher
- Home office stipend
- PPR – Results Participation Program (performance-based bonus)
- Private pension plan
- Group life insurance
- Educational partnerships
- Discounts at Riachuelo
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Security Engineer at January, enhancing security for consumer finance. Architecting systems to protect sensitive data and drive security - first culture.
Founding ML Scientist at VC - backed AI security platform. Defining AI security for critical environments like banks and hospitals.
Head of Physical Security leading security practices across Babcock. Ensuring protection of infrastructure and national security while managing complex projects and stakeholder relationships.
Security Officer providing safety and security for patients and visitors at healthcare facilities. Responding to emergencies, patrolling, and monitoring security protocols across multiple locations.
Director of Data Security and Governance leading comprehensive data protection program. Responsible for implementing data governance framework, classification program, and managing data security policies.
Quality and Patient Safety Specialist supporting implementation and monitoring in a healthcare network. Engaging in quality processes and ensuring patient safety across hospitals.
Expert security professional leading incident response and security platform administration. Collaborating with stakeholders to enhance information security programs at Pluralsight.
Technical Specialist - Cybersecurity role in India emphasizing hands - on expertise with security tools and incident response capabilities. Responsibilities include automation scripting and workflow integration.
Technical Lead - Cybersecurity responsible for securing systems against threats at Birlasoft. Developing incident response strategies and collaborating with teams to enhance security.