Specialist in PingFederate, PingDirectory and PingID for IAM infrastructure management. Collaborating with teams for stable operation and development in Cotia.
About the role
- Analyst in information security at Unimed with focus on data protection and security compliance. Engaging in incident management and supporting business operations with safe practices.
Responsibilities
- Monitor, analyze and respond to security alerts (antivirus/EDR, firewall, among others).
- Investigate security incidents, perform root cause analysis and propose containment, eradication and prevention actions.
- Support log management and event correlation in SIEM tools (or similar).
- Perform and track vulnerability scans on servers, endpoints, applications and network devices.
- Assess criticality (CVEs, CVSS and business context) and prioritize remediation with infrastructure, development teams and vendors.
- Support implementation of hardening best practices based on CIS Benchmarks, NIST and other market references.
- Contribute to the maintenance and evolution of Information Security and Privacy policies, standards, procedures and controls.
- Support LGPD compliance initiatives, ANS regulations and other regulatory requirements applicable to the healthcare sector.
- Assist in performing risk assessments for projects, processes and third parties, recommending mitigation controls.
- Work with development and infrastructure teams to integrate security into the application lifecycle (SDLC).
- Support risk analysis for new solutions, integrations and services (on-premises and cloud).
- Propose and follow up on implementation of DevSecOps practices (SAST/DAST, dependency analysis, architecture standards review).
- Support Information Security and Privacy awareness campaigns for employees and third parties.
- Produce technical and management reports (security metrics, incidents, vulnerabilities, non-conformities).
- Act in a consultative manner with business areas, translating technical risks into business impact.
Requirements
- This position is primarily remote, with scheduled in-person meetings as needed.
- Bachelor's degree completed in Information Technology, Information Security, Information Systems, Computer Science, Engineering or related fields.
- Previous experience as an Information Security Analyst (mid-level) or in an equivalent role.
- Strong knowledge in:
- Security fundamentals (confidentiality, integrity, availability, authenticity, non-repudiation, audit trails).
- Networks and protocols (TCP/IP, DNS, HTTP/HTTPS, VPN, etc.) and protection mechanisms (firewall, IDS/IPS).
- Security tools: antivirus/EDR, antispam/email security, web security, DLP.
- Incident management and response.
- Vulnerability management (scans, CVE analysis, remediation prioritization).
- Practical knowledge of LGPD (Brazilian General Data Protection Law) and data privacy best practices.
- Ability to communicate with technical and non-technical audiences.
Benefits
- Sodexo Meal or Food Voucher 🛒🍴😊
- Medical and Dental Insurance (after 90 days; coverage for employee and children up to 18 years old) 🏥🩺🦷
- Education Assistance (after 12 months) 📚👩🏽🎓👨🎓
- Wellhub (formerly Gympass) 🏋️♀️🏋️♂️
- Home office allowance 💰
- Birthday day off 🥳🎉🎈
- Results Participation Program (PPR)/Profit-sharing 💰
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cyber Security Analyst in the Core IP/DDoS Security team at Vodafone. Ensuring real - time threat mitigation and incident response for DDoS attacks.
Senior Security Analyst developing and implementing security strategies for logistics operations. Focus on risk assessment, staff training, and policy compliance.
Security Analyst managing vulnerability management for PostFinance. Overseeing patching and security issues to ensure system stability.
IT Security Analyst supporting the Supreme Court of Nevada in safeguarding judicial information systems. Implementing security controls, maintaining compliance, and conducting security assessments in a collaborative environment.
Information Security Analyst SME protecting information assets by designing and maintaining security policies. Ensuring compliance with security standards in a tech services company focused on digital transformation.
Vulnerability Analyst role in BGS supporting government clients. Conduct vulnerability assessments and enhance cybersecurity protocols for effective mitigation strategies.
Analyst of Information Security focusing on Governance and Project Risk Analysis in software development. Join a dynamic team collaborating on security in tech projects.
Cybersecurity Analyst responsible for protecting corporate environments and managing security incidents. Collaborating with IT teams and providing strategic security communications.
Information Security Analyst role focusing on cybersecurity for a retail company based in Belo Horizonte. Tasks include managing security tools and monitoring incidents.