Job Closed
This listing is no longer active.
Intuition som ledelses- og udviklingsværktøj. Coaching, workshops og foredrag.
Security Tech Lead
Location
Brazil
Posted
64 days ago
Salary
0
Seniority
Senior
Job Description
Security Tech Lead
LUMIS
• Assess risks in systems, cloud environments, internal processes and new projects; • Conduct continuous security assessments of infrastructure and applications; • Propose and follow up on action plans to improve security maturity; • Ensure compliance with LGPD, ISO/IEC 27001 and other applicable frameworks; • Develop and maintain Information Security policies, standards and procedures; • Support business continuity and disaster recovery initiatives; • Prepare reports and provide evidence for audits and compliance assessments; • Support the implementation and evolution of security tools such as SIEM, WAF, IDS/IPS, EDR, DLP and vulnerability management solutions; • Establish monitoring, detection and incident response processes; • Coordinate security investigations and simulation exercises; • Ensure security best practices in cloud environments (AWS and OCI), including access management, encryption, backups and automations; • Collaborate with Engineering and DevOps teams to implement DevSecOps practices and security in CI/CD pipelines; • Define security and privacy-by-design standards for products and infrastructure; • Manage IAM-related controls, including MFA, SSO, RBAC and periodic access reviews; • Ensure traceability, segregation of duties and privileged access governance; • Support the adoption and governance of PAM/password vault solutions; • Participate in defining security requirements for SaaS/PaaS products; • Perform application vulnerability analysis using SAST, DAST and interpret pentest results; • Promote secure development practices and share references such as the OWASP Top 10 with technical teams; • Conduct security training and awareness initiatives; • Act as a technical authority for different areas of the company; • Define a security roadmap aligned with business strategy; • Support architecture decisions, risk prioritization and security investments; • Serve as the technical focal point for audits, RFPs and security questionnaires; • Support commercial, customer service and pre-sales teams in communicating the company’s security practices.
Job Requirements
- Bachelor's degree in Computer Science, Computer Engineering or related fields;
- Solid experience in Information Security, preferably in SaaS, PaaS or cloud environments;
- Knowledge of frameworks and standards such as ISO/IEC 27001, NIST, LGPD, SOC 2 and OWASP;
- Experience with cloud environments (AWS and/or OCI), CI/CD, DevSecOps and IAM;
- Hands-on experience with SIEM, WAF, EDR, vulnerability management and PAM tools;
- Experience with external audits and meeting customer security requirements;
- Good communication skills with both technical and non-technical audiences;
- Analytical, organized and continuously improvement-oriented profile.
Benefits
- Meal allowance;
- Food allowance;
- SulAmérica health insurance;
- Care Plus dental coverage;
- Wellhub;
- Psicologia Viva;
- Conexa Saúde;
- Birthday day off;
- Home office allowance;
- Partnership with SESC;
- Life insurance.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description Own the enterprise information security, compliance & business continuity program across Crete (corporate) and all member firms. Build standardized, scalable security controls, governance, and operations across multiple independent control environments. - Define the multi-year security strategy and roadmap across Crete and member firms in a federated model, aligning priorities to business risk and acquisition cadence. - Establish and maintain the security policy framework, standards, and minimum control baseline across all firms; design pragmatic exception handling and remediation plans for varying maturity levels. - Build security operating rhythms and executive reporting: KPIs, risk posture, incident trends, audit/compliance status, and program progress for Crete leadership and firm leaders. - Partner with IT, data, and engineering leadership to embed security into operations, architecture decisions, and change management across the portfolio. - Lead security diligence for M&A: current-state control assessments, key risk identification, remediation estimates, and repeatable post-close stabilization playbooks (30/60/90-day plans). - Drive security integration of new firms (people/process/technology) across separate environments — identity, endpoint/email, logging/monitoring, data protection — with scalable onboarding playbooks and control alignment patterns. - Provide security architecture oversight for cloud and hybrid environments with emphasis on Azure, Intune, and Microsoft Defender; define secure patterns for privileged access, conditional access, PAM, RBAC, and separation of duties. - Oversee day-to-day security operations: vulnerability management, patch/risk prioritization, endpoint and email security, tooling lifecycle, and event triage across Crete and member firms. - Manage third-party MDR/SOC providers — scope, SLAs, escalation paths, detection coverage, playbooks, reporting — and drive continuous improvement of monitoring outcomes. - Own the incident response program end-to-end: runbooks, tabletop exercises, ransomware preparedness, forensics coordination, and post-incident reviews with corrective actions. - Implement consistent risk management across firms — periodic assessments, control testing, remediation tracking — and own third-party/vendor security risk management for corporate and shared vendors. - Support member firms with client-driven security and compliance requirements (NIST CSF, CIS, SOC 2 Type II); ensure evidence collection is repeatable and accurate. - Lead security awareness and training programs tailored to professional services workflows, with measurable adoption and behavioral outcomes. - Lead, coach, and develop the cybersecurity team; serve as escalation point for security decisions, incidents, and complex risk tradeoffs. - Build documentation, playbooks, and implementation guides that enable consistent security outcomes across firms; influence firm leaders and local teams to drive baseline control adoption. Qualifications - 10+ years of progressive experience in information security or cybersecurity. - 3+ years leading and developing security teams. - Demonstrated M&A, private equity, or roll-up experience. - Strong understanding of cloud security principles with hands-on Azure and Microsoft security experience. - Experience managing and governing compliance standards (NIST, CSF, CIS, and SOC2 Type II preferred). - Experience managing business continuity programs and lifecycle. - Microsoft Azure/Intune experience. - Experience managing third-party security services (MDR/SOC, IR retainers, testing vendors). - Proven ability to design and run a complete enterprise security control program. - Excellent stakeholder management and executive communication skills. - Bachelor’s degree or equivalent experience; security certifications preferred (CISSP). - Professional services experience and/or accounting and CPA firm experience strongly preferred. Benefits - The total rewards package at Current includes base salary, bonus, and benefits. - Our salary ranges are competitive within the accounting industry and are updated regularly using the most reliable compensation survey data for our industry. - New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers. - We provide a robust benefits package, including: - Health, Dental, and Vision Insurance (with options for fully paid employee only coverage for health and dental). - Company-Paid Life and Long-Term Disability Insurance. - Ancillary Benefits such as supplemental life insurance and short-term disability options. - Classic Safe Harbor 401(k) Plan with employer contributions. - Opportunities for professional growth, learning, and development including access to Becker and LinkedIn Learning. Equal Opportunity We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or any other applicable legally protected characteristic.
Information Security Engineer II
Arkansas Children's HospitalArkansas Children’s Hospital is the state’s only medical center devoted exclusively to providing world-class healthcare for children. The private, nonprofit
Role Description Analyzes and resolves security issues, concerns, questions, incidents and events. Evaluates and identifies risks and threats; addresses unexpected problems. Provides security monitoring, vulnerability assessment, and analysis into potential security related events and incidents. Ensures appropriate access to systems for authorized associates while protecting against unauthorized access. Operates IT security systems. Evaluates new information security threats and their potential threat to the company. - Monitors and advises on information security issues related to the systems and workflow. - Monitors security logs and related security events through a SIEM tool. - Performs vulnerability scans and penetration tests; assists in developing and maintaining scripts, routines and software to perform vulnerability threat assessments. - Participates as a member of the security incident response team; evaluates security incidents, assists in developing solutions. Assists in a computer crime or incident scene. - Monitors security controls effectiveness (e.g. user add/remove, systems patching, firewall changes) and the company’s security subsystems. - Participates in IT security projects. - Reviews vulnerabilities and assists in making recommendations to IT management. - Assists in evaluating security aspects of systems changes (e.g. wireless, mobile, cloud solutions). - Maintains user security awareness training. - Performs other duties as assigned. Qualifications - At least two (2) years of experience with: - Palo Alto firewalls - Microsoft Purview (data protection, compliance, and governance) - Microsoft 365 security (Defender for Office 365) and cloud security (Defender for Cloud) - High school diploma or GED or equivalent - Bachelor's degree in a related field of study (recommended) Requirements - High School Diploma/GED and 2 years of relevant experience, or 4 years of experience in lieu of a diploma/GED. Benefits - Full-time position, Monday to Friday — Remote (Must reside in Arkansas) - Work Shift: Day Shift - Time Type: Full time Company Description ARKANSAS CHILDREN'S IS A TOBACCO FREE WORKPLACE. FLU VACCINES ARE REQUIRED. ARKANSAS CHILDREN'S IS AN EQUAL OPPORTUNITY EMPLOYER. ALL QUALIFIED APPLICANTS WILL RECEIVE CONSIDERATION FOR EMPLOYMENT WITHOUT REGARD TO RACE, COLOR, RELIGION, SEX, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, NATIONAL ORIGIN, AGE, DISABILITY, PROTECTED VETERAN STATUS OR ANY OTHER CHARACTERISTIC PROTECTED BY FEDERAL, STATE, OR LOCAL LAWS.
• Own the enterprise information security, compliance & business continuity program across Crete (corporate) and all member firms. • Build standardized, scalable security controls, governance, and operations across multiple independent control environments. • Define the multi-year security strategy and roadmap across Crete and member firms in a federated model. • Establish and maintain the security policy framework, standards, and minimum control baseline across all firms. • Build security operating rhythms and executive reporting: KPIs, risk posture, incident trends, audit/compliance status, and program progress for Crete leadership and firm leaders. • Partner with IT, data, and engineering leadership to embed security into operations, architecture decisions, and change management across the portfolio. • Lead security diligence for M&A: current-state control assessments, key risk identification, remediation estimates. • Drive security integration of new firms (people/process/technology) across separate environments. • Provide security architecture oversight for cloud and hybrid environments with emphasis on Azure, Intune, and Microsoft Defender. • Oversee day-to-day security operations: vulnerability management, patch/risk prioritization, endpoint and email security, tooling lifecycle, and event triage. • Manage third-party MDR/SOC providers and drive continuous improvement of monitoring outcomes. • Own the incident response program end-to-end: runbooks, tabletop exercises, ransomware preparedness. • Implement consistent risk management across firms – periodic assessments, control testing, remediation tracking. • Support member firms with client-driven security and compliance requirements (NIST CSF, CIS, SOC 2 Type II). • Lead security awareness and training programs tailored to professional services workflows. • Lead, coach, and develop the cybersecurity team.
International Supply Chain Analyst/Specialist
UFP IndustriesThe Company is an Equal Opportunity Employer.
Role Description The Supply Chain Pricing Specialist (Analyst) will report to the Logistics Manager. Critical responsibilities will include pricing functions and key business analysis for pricing optimization. - Collect data on international supply chain operations. - Analyze data to identify areas of supply chain operations to improve efficiency. - Develop and execute projects to enhance supply chain operations. - Establish and maintain relationships with shippers and vendors. - Assess vendor operations and enforce compliance with quality standards. - Measure supply chain performance and report to management. - Work with the procurement and sales departments to lead strategy alignment. - Perform pricing functions including lane cost analysis. Qualifications - 6+ years of direct international supply chain/international logistics pricing experience. - Proven knowledge of international logistics procurement & strategy. - Excellent mathematical and analytical skills. - Working knowledge of data analysis and forecasting tools and ability to develop actionable insights from data. - Interpersonal skills and ability to build and improve trusting relationships with other departments and external vendors. - Attention to detail. - Problem-solving skills to take quick and decisive action when the supply chain breaks down. - Strong negotiating skills and pricing experience. - Strong communication skills. - Bi-lingual a plus, but not a requirement. Requirements - Can office out of Union City, Miami, FL - or Remote Negotiable. Company Description - The Company is an Equal Opportunity Employer.


