Analista Pleno de Segurança Patrimonial na Hershey Brasil, responsável por suporte de segurança física e gestão de serviços de segurança. Atuará em conformidade e gestão de crise em São Roque.
About the role
- CISO leading hands-on security operations and compliance initiatives at identity solutions startup 1Kosmos. Building and managing security infrastructure while collaborating with technical teams.
Responsibilities
- **Key Responsibilities **
- **Security Operations Leadership (Primary Focus) **
- Design, implement, and manage a comprehensive security operations infrastructure
- Personally configure and deploy security tools, including endpoint protection, SIEM, and cloud security solutions
- Build and optimize security monitoring, incident response, and threat detection capabilities
- Drive automation initiatives to eliminate manual inefficiencies in security processes
- **Compliance and Risk Management **
- Lead compliance initiatives including FedRAMP, SOC 2, and other regulatory frameworks
- Partner with business analysts to navigate regulatory requirements and audits
- Develop and maintain security policies, procedures, and documentation
- Manage security risk assessments and remediation programs
- **Technical Security Architecture **
- Secure cloud infrastructure across AWS, Google Cloud, and other platforms
- Integrate security into CI/CD pipelines, working closely with DevOps teams
- Implement and manage security tools (CrowdStrike, etc.) across the organization
- Conduct hands-on security reviews of architecture and code
- **Cross-functional Collaboration **
- Partner directly with development and engineering teams on secure software development
- Oversee internal IT security (smaller component of role)
- Communicate security initiatives and status to leadership and stakeholders
- Coordinate with global teams to ensure consistent security practices
Requirements
- **Required Qualifications **
- **Technical Expertise **
- **Minimum 7+ years in security operations **with demonstrated hands-on experience
- Deep expertise in cloud security (AWS, Google Cloud, Azure)
- Proven ability to personally deploy and configure enterprise security tools
- Strong understanding of modern DevOps practices and CI/CD security integration
- Experience with security automation and orchestration
- **Compliance and Governance **
- Hands-on experience with FedRAMP certification processes
- Track record of achieving and maintaining SOC 2, ISO 27001, or similar certifications
- Understanding of regulatory compliance requirements and audit processes
- Leadership and Communication
- Experience leading security initiatives in fast-growing organizations
- Strong communication skills for collaborating with global, distributed teams
- Ability to translate technical security concepts for various stakeholders
- Comfortable working in a startup environment with evolving requirements
- **Preferred Qualifications **
- Currently in a similar-sized company CISO role, or a Deputy CISO, Director of Security Operations, or similar "CISO minus one" role at a larger organization
- Experience in identity management or authentication technologies
- Background in both security operations and security engineering
- Previous startup or scale-up experience
- Located in or willing to work EST hours (strong preference for NY/NJ area)
- Public-facing CISO experience (client communications) is a plus but not required
Benefits
- **What We Offer **
- Opportunity to build and shape security at a growing startup
- Direct impact on product and company security posture
- Collaborative environment with talented engineering teams
- Competitive compensation and equity package
- Flexible work arrangements with preference for hybrid in NY/NJ area
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Senior Security Architect managing security architecture for Fitch Group. Leading design and implementation of control sets for emerging technologies.
Regional Information Security Officer managing security protocols and compliance for KARL STORZ. Leading local ISOs and enhancing information security measures across subsidiaries.
CISO managing information security and privacy governance at Puzzel, a leading cloud - based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high - quality technical support and manage IT security policies.
Senior Security Officer responsible for security and safety duties in acute care settings. Providing armed presence and response, coordinating with law enforcement as required.
Security Officer overseeing sensitive information protection and compliance with regulations. Collaborating with internal teams ensure security policy implementation and risk management under EU standards.
Technical consultant addressing information security risks for USAA and guiding strategic security direction. Leading peers in assessing security strategies and educating on best practices.
Technical Recruiter for BGS managing recruitment of Cybersecurity and IT professionals. Collaborating with technical teams to identify skill requirements and enhance talent acquisition processes.
PAM Manager responsible for strategy, roadmap, and operations of PAM program at Intact. Leading a team to safeguard privileged identities and secrets across various environments.