Cloud Security Engineer at Verizon integrating security into Agile/DevSecOps practices and enforcing security through automation and infrastructure as code.
About the role
- Security Specialist focused on information security practices for Riachuelo's products and services. Design and implement secure systems architecture while mitigating risks and ensuring compliance.
Responsibilities
- Ensure that information security rules and best practices are applied across all products and services offered and contracted by Midway.
- Secure application design: responsible for developing and implementing application architectures that incorporate security principles from inception, ensuring protection against digital threats and compliance with security standards.
- Apply methodologies to strengthen security during the early phases of the solution lifecycle, promoting the use of best practices across technology environments.
- Act as the focal point for Midway's Board regarding information security matters.
- Create and implement application architectures with a security-focused approach, applying Security by Design principles to protect applications and systems from conception.
- Perform detailed analyses during application integration to identify and mitigate potential vulnerabilities, ensuring security across the solution architecture.
- Update and maintain a comprehensive library of security controls and requirements, making it available as a reference for secure development and ensuring adherence to industry best practices.
- Implement Threat Modeling during the analysis and planning phases of solutions, assessing risks to reinforce the security of application design.
- Design robust security controls in system and solution architectures, aligning with frameworks such as CIS Controls, CSA CCM, NIST and ISO/IEC 27000 to maintain compliance with security standards.
- Implement the Zero Trust concept and the Principle of Least Privilege within designed architectures, minimizing the risk of unauthorized access and promoting a proactive security posture.
- Apply expertise in cloud computing platforms (Azure, GCP, OCI, SAP Cloud) and API solutions to create secure and scalable environments, aligning with specific cloud security requirements.
Requirements
- Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Systems or related IT fields.
- Information security certifications such as ISO/IEC 27001, ITIL, Security+ and product-specific security certifications.
- Languages: Advanced English.
- Advanced knowledge in:
- SDLC (Software Development Life Cycle)
- Threat modeling (STRIDE, MITRE ATT&CK)
- Ability to interpret system architectures to identify information security risks and propose mitigations
- Deep knowledge of operating systems, networks, data structures and cloud environments (AWS, GCP, Azure, OCI)
- Experience implementing security controls in cloud computing solutions (IaaS, PaaS, SaaS)
- Experience with security controls for networks, operating systems, web and mobile applications, REST APIs and databases
- Knowledge of system integration with identity providers (SAML, OIDC, SCIM)
- Knowledge of data encryption
- Knowledge of secure development techniques
Benefits
- Health insurance
- Dental insurance
- Meal allowance
- Grocery allowance
- Gympass
- Childcare assistance
- Culture voucher
- Home office stipend
- PPR – Results Participation Program (performance-based bonus)
- Private pension plan
- Group life insurance
- Educational partnerships
- Discounts at Riachuelo
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cybersecurity Engineer advancing Radio Access Network security for Verizon. Collaborating on threat monitoring, incident response, and security architecture.
Cybersecurity Engineer joining Verizon's Network Security Defense team to advance security posture and manage incident response. Collaborating on strategic technical challenges and ensuring security across networks.
Data Protection & Information Security Assistant supporting compliance activities at Pharmacy2U, the UK's largest online pharmacy. Contributing to privacy governance and data protection initiatives.
Senior Manager, ERP Security & Controls overseeing security architecture and strategy for Oracle Fusion ERP. Leading compliance and audit activities in a highly regulated environment with effective financial control practices.
Senior leader responsible for managing global Enterprise IT, Cybersecurity, and Compliance functions. Driving strategy and ensuring compliance with global standards in a high - growth technology environment.
Senior Cloud Security Consultant managing and developing cloud security solutions for clients in Microsoft 365 and Azure with a focus on safety and compliance.
Manager leading cybersecurity technology and controls at Enbridge. Overseeing security platforms, managing teams, and mitigating cyber risks within the organization.
Safety Technician responsible for safety documentation and training in an environmental consulting firm with 17 years of experience nationwide.
IAM Security Architect developing modern identity experiences within the health care system. Leading technical strategies and overseeing architecture solutions for Cambia Health.