• Lead threat modeling, hardening and operation of security services • Define and implement security standards and automated security controls • Partner with cross-functional teams to embed secure design practices • Lead technical direction and roadmap execution for assigned area • Maintain high Operational Excellence to minimize downtime • Participate in on-call rotation to respond to events • Manage lifecycle of product and cloud security vulnerabilities • Influence secure adoption of LLMs and AI tools • Mentor and coach earlier career engineers

• Implement and tune core security controls that protect employees across three global brands • Operate the day-to-day security stack, spanning endpoint detection and response (EDR), zero-trust network access, identity-aware proxies, browser security, and data loss prevention (DLP) • Use AI-assisted coding tools to automate security workflows, incident response, and compliance evidence collection • Address modern SaaS risk such as shadow IT, OAuth token sprawl, and high-risk application reviews • Help teams adopt secure-by-default baselines

• Development, maintenance, advocacy, and compliance for security architecture and DevSecOps framework and policy instruments such as directives, frameworks, policies, standards, and guidelines. • Security architecture subject matter expertise in the one or more following domains: Secure application development processes and tools. • Secure business architecture. Secure data architecture. Secure application architecture. Secure technology architecture. • Consultation, evaluation, and delivery of digital service products throughout the solution development life cycle (SDLC) for conformance to IMT cybersecurity policy instruments including formulation of options and recommendations. • Conduct security review, consult, and advise on secure coding, secrets management, on-premises, Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), and third-party hosted solutions with verbal and written report. • Provide security advice to business and technical stakeholders, including senior executives. • Participate in projects as an information security subject matter expert with a focus on security architecture and security capabilities within a DevSecOps framework to protect digital service development and operations. • Participate in the identification of information security requirements, as well as the development of strategies and solutions to meet these requirements across the organization. • Facilitate or perform identification, assessment, and treatment of information and technology security threats and risks.

• Act as the technical Cyber Security specialist for OT/ICS environments, supporting high-criticality industrial operations across different companies within the Cosan Group; • Lead initiatives to expand OT security monitoring, including onboarding new plants, industrial networks, critical assets, and operational technologies into the monitoring ecosystem; • Develop and refine detection use cases for industrial environments, using OT monitoring platforms, SIEM, EDR and specialized threat detection solutions; • Perform industrial network architecture analyses, evaluating segmentation, zones and conduits, communication flows, and adherence to security best practices for ICS environments; • Participate in defining and reviewing secure architectures for new industrial projects, operational expansions, and OT digital transformation initiatives; • Support identification, analysis and assessment of cyber threats, vulnerabilities and exposures in industrial environments, proposing prioritized mitigation plans based on risk; • Work with Engineering, Automation, Network and Operations teams to implement security controls for OT environments; • Provide technical support for the cyber incident response process involving industrial systems, contributing root cause analysis, containment and corrective actions; • Conduct technical assessments of maturity, hardening, industrial network segmentation and compliance with market frameworks and standards; • Manage vendors and partners specialized in OT security, ensuring technical quality, governance and continuous evolution of contracted services; • Prepare executive reports and presentations for different organizational levels, communicating risks, metrics, progress and investment needs; • Support the definition of the Group's OT Cyber Security strategy, contributing to the advancement of industrial security maturity.