Role Description A primeira coisa que você precisa saber é que aqui você não vai cair na rotina. A Radix desenvolve soluções para empresas de diferentes setores e indústrias. Cada projeto tem suas tecnologias, soluções e prazos e você terá oportunidade de atuar e experimentar diferentes desafios. OT Cybersecurity Specialist: - Perform targeted OT cybersecurity maturity reviews focused on asset visibility, network exposure, and uncontrolled access paths. - Identify and document gaps that contribute to unknown or unquantified cyber risk in critical production environments. - Validate that critical assets are properly inventoried, reachable across networks, and assigned to a responsible owner. - Validate actual network reachability and communication paths between IT, OT, and vendor access points. - Assess vendor and remote access mechanisms, identifying persistent, shared, or unmonitored connections. - Evaluate incident containment readiness, including the ability to isolate assets and identify response constraints. - Produce concise, site-level exposure summaries, including prioritized risks and key findings for Security and Operations teams. Benefits - Assistência Médica Nacional (para o titular e dependentes, com quarto privativo). - Assistência odontológica nacional (para o titular e dependentes). - Vale refeição / alimentação flexível. - Auxílio home office. - Day off (no mês do aniversário). - Wellhub (antigo Gympass). - Licença Maternidade (6 meses) e Paternidade (20 dias) estendidas. - Auxílio creche para filhos de até 3 anos (por filho). - Apoio em saúde mental com a Wellz. - Clube de Vantagens com descontos em diversos parceiros. - Convênio com instituições de ensino e cursos de idioma. - Desenvolvimento Profissional (Universidade Corporativa). - Parceria com empresa de coworkings no Brasil. - Programa de Qualidade de Vida e Bem-Estar. - Médico consultor para acompanhamento de radixers. - Planos de incentivos.

• Design, implement, and maintain security controls, processes, and architectures across major cloud environments. • Conduct risk assessments, penetration tests, vulnerability management, and system hardening for cloud services and workloads. • Collaborate closely with engineering, DevOps, compliance, and business stakeholders to enable secure solution delivery and effective risk management. • Build and maintain Infrastructure as Code (IaC) security practices (Terraform, CloudFormation) and work within CI/CD pipelines to embed security in the software development lifecycle. • Partner with the GRC team to ensure compliance automation tooling is implemented effectively across required scope. • Serve as subject matter expert on cloud security technologies, best practices, and emerging threats while providing mentorship to other engineers. • Lead incident investigations, performing root cause analysis and driving remediation actions. • Participate in weekly on-call rotation with the security engineering team. • Operate and mature our CSPM/CNAPP program, driving posture management, misconfiguration remediation, and continuous control monitoring.

• The Cybersecurity Engineer will be responsible for ensuring that all information systems' Ports, Protocols, and Services (PPS) accessible to managed networks are registered in the PPSM central registry. • They must protect and use PPS according to the latest vulnerability assessment reports and implement them as per the current DoD STIGs on network infrastructure and application security. • The engineer will review software, hardware, and PPS against approved lists, perform access blocking as per policies. • They will manage PPSM in support of network changes, such as cloud migrations.

• Own and manage the IT general controls (ITGCs) component of the ICFR compliance program while supporting the build out of the ITGCs & IT Application controls (ITAC) for the SOX program from the ground up, leveraging existing frameworks and controls where applicable • Partner with Finance, IT, and business stakeholders to identify and document key controls over financial reporting, ensuring controls are designed and in place ahead of audit cycles • Ensure ITGCs and ITACs supporting financial systems are properly documented and operating as intended • Serve as the primary point of contact for external auditors, coordinating evidence requests, walkthroughs, and finding remediation • Build and maintain a controls inventory with clear ownership, documentation standards, and readiness status • Work cross-functionally with control owners to ensure gaps are identified early and remediation plans are in place before audit periods • Develop and report on compliance readiness and control health to senior leadership • Drive continuous improvement in the efficiency and effectiveness of the SOX Compliance system (AuditBoard) and related technologies • Maintain current knowledge of emerging risks, industry trends, and regulatory changes relevant to the business and the audit profession • Expand ownership to include SOC 1&2, PCI DSS, and NIST compliance programs, building a unified compliance function • Lead a small team of compliance specialists, providing mentorship, prioritization, and ensuring alignment across the aforementioned compliance initiatives