Recrutando talentos de tecnologia & conectando histórias
Cybersecurity Architect – Senior
Location
Brazil
Posted
19 days ago
Salary
0
Seniority
Senior
Job Description
Cybersecurity Architect – Senior
Mollica IT
• Define, govern, and evolve cybersecurity architecture models and standards, aligning global frameworks (NIST, ISO 27001, CIS, COBIT) with the specific needs of operations; • Lead security architecture projects and initiatives for multi-cloud, on-premises, network, application, industrial IoT/IIoT, data, and mobility environments; • Design solutions for threat prevention, detection, containment, and remediation, integrating SIEM, SOAR, EDR, IAM systems, and advanced encryption; • Contribute to defining identity and access policies and controls (IAM, SSO, MFA), network segmentation, endpoint protection, vulnerability management, and governance; • Promote integration between physical security, IT, OT (Operational Technology), and operations teams to create resilient, secure environments; • Develop and validate business continuity, cyber disaster recovery, and incident response strategies; • Evaluate and implement innovative security solutions (Zero Trust, Cloud Security Posture Management, Threat Intelligence, security automation and orchestration); • Ensure compliance with data protection laws and regulations in the countries where the company operates (LGPD, GDPR, PIPEDA); • Produce and maintain technical documentation, security plans, best-practice guides, and training for internal teams; • Participate in technical communities, forums, audits, and global compliance assessments; • Other routine duties of the area.
Job Requirements
- Strong experience in cybersecurity architecture and governance, with significant work in complex corporate or industrial environments;
- Experience in projects within Mining, Oil & Gas, or heavy industry sectors;
- Deep knowledge of security frameworks (NIST, ISO 27001, CIS, COBIT, ITIL);
- Expertise in network, host, application, identity, data, and cloud security (Microsoft Azure Security, AWS Security, GCP Security);
- Experience with advanced tools: SIEM, SOAR, EDR, IAM, DLP, encryption, risk analysis, penetration testing, and advanced monitoring;
- Experience protecting OT/IT environments and integrating security between industrial systems, industrial networks, and corporate IT;
- Experience with vulnerability management, container/Kubernetes security, security automation, and DevSecOps;
- In-depth knowledge of privacy and data protection regulations and legislation in the countries where the company operates;
- Technical and consultative leadership, with the ability to influence strategic security decisions across global teams;
- Analytical capacity and strategic vision to build resilient environments aligned with business objectives;
- Proactivity, adaptability, and focus on delivering continuous, tangible business protection;
- Bachelor's degree in Computer Engineering, Information Security, Systems, or related fields is required;
- Certifications: CISSP, CISM, CISA, CCSP, Azure Security Engineer, AWS Certified Security, PMP, TOGAF;
Benefits
- Medical insurance for employees and dependents with national coverage (Bradesco or Unimed);
- Dental insurance with national coverage;
- Meal voucher or food voucher (employee's choice);
- Childcare allowance;
- Life insurance for employees and dependents;
- Gympass for employees and dependents;
- EAP (Employee Assistance Program) offering: Financial Assistance, Legal Assistance, Social Assistance, Psychological Assistance (24/7);
- Discounts and special rates with universities (Mackenzie, SENAC, FIA, FIAP, and BBS Business School) and language schools (CNA, Cultura Inglesa, Wizard, CCAA, Indeed);
- Discounts on fee packages and special rates for Itaú and Bradesco banks;
- Option for payroll-deductible loans;
- Reimbursement program for certain external certifications;
- Training: The company provides a training and development platform, both remote and in-person, covering soft skills, technologies, and domains across more than 15,000 topics;
- Length-of-service awards: The company recognizes employees for commitment and loyalty after 3, 5, and 10 years and then every 5 years thereafter;
- Employee referral bonus — receive a reward for each new hire referral;
- Fit4life — program to encourage physical exercise for employees, with scheduled online functional training sessions;
- International experience: Depending on skills and business needs, you may apply for positions abroad (within and outside Latin America);
- And others.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Implement and maintain robust security controls to protect our cloud infrastructure and applications. • Discover, remediate, and validate security issues across cloud infrastructure. • Perform architectural/design reviews through a security lens and provide timely, actionable requirements and recommendations. • Collaborate with security leadership, compliance, and engineering teams to execute security strategies. • Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Command Center, and Azure Security Center, etc. • Propose and contribute to security and compliance improvements for nesto CI/CD pipelines and deployment processes. • Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools like Terraform or Pulumi. • Design and operate scalable processes to provision cloud access and maintain least privilege. • Participate in and support the incident detection and response process by enhancing observability and alerting and assisting the incident response team. • Self-organize and prioritize activities independently. • Support audits and first-party security questionnaires. • Conduct and oversee security assessments and threat modeling exercises. • Implement security controls within Kubernetes. • Build DevSecOps tools/integrations.
• Implement and maintain robust security controls to protect our cloud infrastructure and applications. • Discover, remediate, and validate security issues across the cloud infrastructure. • Conduct security-focused architecture and design reviews and provide timely, actionable requirements and recommendations. • Collaborate with security leadership, compliance teams, and engineering teams to execute security strategies. • Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Security Command Center, Azure Security Center, etc. • Propose and contribute to security and compliance improvements for nesto's CI/CD pipelines and deployment processes. • Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools such as Terraform or Pulumi. • Design and operate scalable processes to provision cloud access and maintain the principle of least privilege. • Participate in and support the detection and incident response process by improving observability and alerts, and assisting the incident response team. • Self-organize and prioritize activities autonomously. • Support first‑party security audits and security questionnaires. • Conduct and oversee security assessments and threat modeling exercises. • Implement security controls within Kubernetes. • Build DevSecOps tools and integrations.
Role Description Als Information Security Consultant (m/w/d) begleitest Du unsere Kunden partnerschaftlich und serviceorientiert beim Aufbau, Betrieb und der Weiterentwicklung moderner ISMS-Strukturen. In enger Zusammenarbeit mit Kunden analysierst du Geschäftsmodelle und technische Gegebenheiten und entwickelst darauf aufbauend praxistaugliche, auditfähige Lösungen. Kundenkontakt ist zentraler Bestandteil der Rolle - Austausch, Beratung und gemeinsame Lösungsfindung machen Dir idealerweise Spaß. - Enge Zusammenarbeit mit Kunden bei Planung, Umsetzung und Betrieb von ISMS- und Compliance-Strukturen - Durchführung von Gap-Analysen, Ableitung und Priorisierung von Maßnahmen - Erstellung und Abstimmung von Policies, Prozessen, Rollenmodellen, SoA und Nachweisen - Vorbereitung und Begleitung von internen und externen Audits - Übersetzung regulatorischer Anforderungen in praxisnahe Betriebsmodelle - Regelmäßiger Austausch mit technischen, organisatorischen und Management-Stakeholdern Qualifications - Erfahrung in Informationssicherheit, ISMS, GRC, IT-Projekten oder Prozessmanagement - Freude an kundenorientierter Beratung und gemeinsamer Lösungsentwicklung - Fähigkeit, komplexe Security-Themen klar und verständlich zu vermitteln - Erfahrung mit ISO/IEC 27001 (oder hohe Motivation, hier schnell einzusteigen) - Kenntnisse in SOC 2, C5, NIS2 oder DSGVO von Vorteil - Tool-Affinität (z. B. Jira, Confluence, Microsoft 365/SharePoint) - Sehr gute Deutsch- und Englischkenntnisse Benefits - 100 % Remote-Arbeit (Deutschland) - Optionale 4-Tage-Woche - Hoher Kundenkontakt und sichtbarer Impact - Professionelle, offene Kultur mit starkem Fokus auf Service & Zusammenarbeit - Langfristige Entwicklungsperspektiven - Projekte im Umfeld Cloud, AI und Data Center Company Description Heartland Solutions ist eine spezialisierte Beratung für Informationssicherheit, Compliance und Managementsysteme. Wir arbeiten mit technologiegetriebenen Unternehmen aus Cloud, AI und Data Center. Unser Anspruch: Sicherheit entsteht im Dialog mit dem Kunden - und zeigt ihren Wert in funktionierender Umsetzung.
Mid-level Information Security Analyst
Atlas GovernanceAtlas Governance is the ultimate Board Portal, and provides the most secure and intuitive software available.
• Administer and operate security tools, including: - Architect and implement Azure-native AI agents - Develop automated pipelines for real-time alert triage and enrichment - Integrate LLM models (e.g., GPT) into incident response workflows - Apply embeddings for semantic correlation of security events - Azure (Cloud Security) - SIEM: Microsoft Sentinel - Build automated playbooks integrated with generative AI - Develop serverless automations using Azure Functions and Logic Apps - Orchestrate end-to-end response flows - Implement intelligent triage with risk-based prioritization • Develop and maintain automations in Microsoft environments using tools such as PowerShell, Bash, Logic Apps, Power Automate, Automation Account, APIs, and AI capabilities.
