WTime Business Intelligence logo
WTime Business Intelligence

Tradition and modernity to offer your business full strategic support in the implementation of technology services.

Senior Data Security Specialist – Data Security Strategy

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 51-200H1B No SponsorCompany SiteLinkedIn

Location

Brazil

Posted

2 days ago

Salary

0

Seniority

Senior

Bachelor DegreePortugueseAWSAzureGoogle Cloud Platform

Job Description

Senior Data Security Specialist – Data Security Strategy

WTime Business Intelligence

• Define and implement data protection and governance strategies • Identify risks, vulnerabilities, and opportunities for improvement in the data environment • Work with data classification, DLP, DSPM, CASB, and Microsoft Purview • Develop policies, metrics, and roadmaps for the evolution of Information Security

Job Requirements

  • Strong experience in Information Security with a focus on data protection and governance
  • Knowledge of DLP, Microsoft Purview, CASB, data classification, and Azure, AWS, or GCP environments
  • Experience in regulated environments and working with LGPD (Brazilian General Data Protection Law)
  • Strategic, analytical profile with excellent communication skills across technical and business stakeholders
  • Experience with DSPM platforms (Varonis, Cyera, Guardium, or similar)
  • Certifications such as CDPSE, SC-400, SC-100, CISSP, CISM, CIPM, or CIPT

Benefits

  • Work closely with Privacy, Compliance, Audit, IT, and Business teams
  • Support AI Security initiatives and data protection in cloud environments

Related Categories

Related Job Pages

More Security Engineer Jobs

Full TimeRemoteTeam 5,001-10,000H1B Sponsor

• Owning the technical relationship with customers from onboarding through renewal • Performing technical presentations and demos for customers and partners • Communicating concepts to audiences, including executive-level decision-makers, and follow up with technical staff in all areas • Adapting to complex, changing business environments to deliver valuable solutions to enterprise customers • Familiarizing yourself with customer environments, requirements, and milestones in order to help drive value

Italy
NBA logo

Cybersecurity Staff Engineer

NBA

Nadia Bakhurji Architectural & Engineering Consultants (NBA)

Full TimeRemoteTeam 11-50Since 2007H1B Sponsor

• Aggregate risk posture, control gaps, and issue status across all cybersecurity towers into cohesive dashboards and executive-ready reporting frameworks • Serve as the single point of GRC intelligence — translating disparate signals into a coherent organizational risk picture • Establish and maintain consistent metrics and KPIs that reflect compliance health across all towers • Own end-to-end issue lifecycle management — from identification through remediation — ensuring findings don't stall in handoff gaps • Build accountability mechanisms across tower leads and partner teams that keep risk closure on track without requiring direct authority • Ensure non-IT departments follow documented processes and help them address audit gaps • Escalate systemic issues and trend patterns to senior leadership with actionable recommendations • Lead all aspects of ISO 27001 certification maintenance, including evidence collection, control mapping, audit readiness, and continuous improvement • Manage relationships with external auditors and certification bodies • Ensure the program remains audit-ready year-round, not just at certification time • Contribute into our SOC 2 Type II program and lead compliance posture across applicable trust service criteria • Coordinate with engineering, IT, and operations teams to ensure controls are implemented, evidenced, and sustainable • Conduct and document Level 1 cyber risk assessments using established frameworks including NIST CSF and ISO 27001 • Maintain the enterprise cyber risk register, ensuring risks are properly rated, owned, and tracked toward resolution • Surface emerging risks tied to our industry — fan data systems, broadcast infrastructure, global event operations — with appropriate context for decision-makers • Partner with tower leads, IT, Legal, Privacy, and Procurement to align on risk priorities and drive coordinated remediation • Communicate policy and regulatory requirements in language that resonates with both technical practitioners and executive stakeholders • Operate as a trusted advisor across the organization — influencing outcomes without relying on org chart authority • Identify opportunities to replace manual compliance effort with scalable automation through GRC platforms and integrations • Drive adoption and optimization of tools such as Drata, ServiceNow GRC, OneTrust, or equivalent platforms • Stay ahead of the tooling landscape and bring forward recommendations that improve program efficiency and coverage • Maintain working knowledge of regulations relevant to our global footprint — including GDPR, CCPA, and evolving data residency requirements across international markets • Support third-party and vendor risk review processes in coordination with Legal and Procurement, ensuring vendor relationships meet our compliance standards

New Jersey
$172.5K - $195K / year
Vertex Inc. logo

Security Program Manager

Vertex Inc.

Vertex is a global biotechnology company that invests in scientific innovation.

Full TimeRemoteTeam 1,001-5,000

Role Description We're hiring a Security Program Manager to serve as the operating backbone of the Office of the CISO. This is a senior individual contributor role for someone who thrives on connecting people, programs, and priorities across a complex enterprise and who uses AI tooling deliberately to multiply their impact. You'll partner directly with the CISO across all pillars of our security organization to drive security initiatives, OKRs, KPIs, and metrics into a single, coherent operating system. This is not a traditional project manager role. You'll own the full lifecycle of security programs—from intake and prioritization through execution and long-term operational health—and you'll succeed through influence, structure, and clarity rather than direct authority. You'll have a direct line to the CISO and immediate visibility across the enterprise. You'll shape how security operates, how it reports, and how it scales, including how the company governs AI as adoption accelerates. If you want to do the highest-leverage program management work of your career in security, this is it. - Run the Security Operating System - Own the operating cadence of the CISO function — weekly staff meetings, monthly program reviews, and quarterly business reviews. - Produce the recurring decision-grade CISO report (executive summary, OKR scorecard, KPI scorecard, portfolio milestones, decisions required). - Maintain a single portfolio view across all security programs — intake, approved, executing, complete — with clear stage gates, owners, and forecasts. - Drive meeting preparation, documentation, stakeholder communication, and follow-through so leadership can focus on judgment calls, not coordination. - Own the OKR, KPI, and Metrics System - Run the quarterly OKR lifecycle across all four security teams — define, align, health check, and score. Ensure every Key Result has a baseline, target, owner, measurement method, and confidence level. - Maintain a KPI dictionary with definitions, formulas, systems of record, thresholds, and cadence — covering posture KPIs, program delivery KPIs, and team execution KPIs. - Ensure 100% of project work is mapped to an OKR or documented as run the business. - Lead monthly trend analysis and tie outcomes back to security and business objectives. - Drive Cross-Functional Program Delivery - Own end-to-end delivery of security programs — risk management, vulnerability management, security awareness, product onboarding into security, M&A security execution, incident readiness, and compliance initiatives. - Act as the primary liaison between Security and Engineering, IT, Product, Legal, Privacy, Finance, People, Sales, and Customer Success. - Manage cross-team dependencies, and decision logs as drivers of action. - Enforce escalation SLAs and stage gates with a small, senior, expert team. - Build Executive & Board Communications - Build recurring deliverables for executive leadership, audit committee, and board updates — executive summaries, slide content, speaker notes, and Q&A prep. - Translate technical security and AI governance topics for non-technical executive audiences with clarity and brevity. - Produce decision-grade options memos with root cause, tradeoffs, recommendation, owner, and deadline. - Multiply Output Through Deliberate AI Use - Use AI tooling (e.g., Microsoft 365 Copilot, Claude, ServiceNow AI) deliberately and daily — for status synthesis, dashboard refresh, meeting recaps, draft communications, evidence collection, and audit response prep. - Identify and execute automation opportunities across security operations, GRC, and compliance workflows. Qualifications - 7+ years of progressive program or portfolio management experience, with 4+ years dedicated to information security, GRC, or product security programs in a SaaS or cloud environment. - Proven track record running OKR/KPI operating systems for security or technology leaders, including executive-ready reporting. - Direct experience coordinating across GRC, Product/Application Security, Security Operations/Incident Response, and emerging AI security and governance functions. - Demonstrated ability to operate as connective tissue across Engineering, Legal, Product, IT, Finance, and Sales — leading through influence rather than authority. - Mastery of program management tooling — Jira, Confluence, ServiceNow, Smartsheet, PowerPoint, Excel/Power BI. - Strong executive written and verbal communication; ability to produce concise, structured, dashboard-style one-pagers and decision memos. - Comfortable enforcing operating discipline (cadences, stage gates, escalation SLAs) in a small, senior, expert team. - Bias for action, ownership, and outcome — not activity. AI Literacy - Hands-on, deliberate daily use of AI tooling in your own workflows (drafting, synthesis, dashboards, evidence preparation, meeting recaps). - Understanding of AI security concerns: model risk, data leakage, prompt injection, third-party AI vendor risk, Shadow AI, AI guardrails, and Responsible AI principles. Preferred Certifications - PMP, PgMP, or equivalent program management certification. - CISSP, CISM, CRISC, or CISA (one strongly preferred). - AI Governance certification (e.g., IAPP AIGP, ISO 42001 Lead Implementer). Other Qualifications - The Winning Way behaviors that all Vertex employees need in order to meet the expectations of each other, our customers, and our partners. - Communicate with Clarity - Be clear, concise and actionable. Be relentlessly constructive. Seek and provide meaningful feedback. - Act with Urgency - Adopt an agile mentality - frequent iterations, improved speed, resilience. 80/20 rule – better is the enemy of done. Don’t spend hours when minutes are enough. - Work with Purpose - Exhibit a “We Can” mindset. Results outweigh effort. Everyone understands how their role contributes. Set aside personal objectives for team results. - Drive to Decision - Cut the swirl with defined deadlines and decision points. Be clear on individual accountability and decision authority. Guided by a commitment to and accountability for customer outcomes. - Own the Outcome - Defined milestones, commitments and intended results. Assess your work in context, if you’re unsure, ask. Demonstrate unwavering support for decisions. Pay Transparency Statement US Base Salary Range: $114,500.00 - $148,800.00. Base pay offered to new hires may vary based upon factors including relevant industry and job-related skills and experience, geographic location, and business needs. The range displayed does not encompass the full potential of the role, which allows for further growth and career progression. In addition, as a part of our total compensation package, this role may be eligible for the Vertex Bonus Plan (VOB), a role-specific sales commission/bonus, and/or equity grants. Learn more about Life at Vertex and connect with your recruiter for more details regarding Vertex's compensation and benefit programs. In no case will your pay fall below applicable local minimum wage requirements.

United States
$114.5K - $148.8K / year
CareOregon logo

Information Security Engineer III

CareOregon

Making health care work for everyone.

Full TimeRemoteTeam 501-1,000Since 1994H1B Sponsor

• Lead the design and management of security technologies, including but not limited to firewalls, proxy systems, logging, and other security devices • Provide security technology expertise to the organization; participate in and consult on projects • Advise other IS teams on best practices for security design • Execute tasks related to tickets and service requests for advanced to complex activities • Oversee the maintenance of security systems, including firewalls, proxy systems, logging, and other security devices, and vendor provided services • Analyze business needs; partner with leaders across the organization in order to research and recommend solutions which balance business need and risk mitigation • Define, build, and review reports on information security system performance and event anomalies • Author and serve as subject matter expert to define requirements and standards for information security • Monitor and continually review existing systems to ensure they are designed to comply with established standards and to empower business operations • Lead the planning for and support of disaster recovery and business continuity initiatives • Conduct product and vendor research, and present recommendations to management • Manage relations with vendors and equipment suppliers, including installation and repair of services • Perform work in alignment with the organization’s mission, vision, and values

Oregon
$113.9K - $139.3K / year