**Why join \#PosiTime?** We believe technology exists to empower lives, which is why every day we build new solutions that make people's lives better and smarter! Agile, vibrant, bold, innovative, diverse, connected, dynamic, entrepreneurial, and resilient: more than a team, we are \#PosiTime. If you identify with our purpose and are looking for a place to grow and contribute, we welcome you with open arms! **Responsibilities and Duties** We are seeking a **Mid-Level Information Security Analyst** to implement, operate, and continuously improve security practices across our systems and applications. This professional will be responsible for ensuring the company’s software, websites, and portals are developed and maintained in accordance with secure development policies, directly contributing to the protection of digital assets and mitigation of cyber risks. **Responsibilities and Duties** * Implement, test, and operate **advanced software security techniques** in compliance with the organization’s secure development policy; * Perform **continuous security testing** on code, websites, and portals, addressing and tracking corrections with responsible teams; * Maintain **security governance** through the review and improvement of policies, procedures, standards, and technical guidelines; * Monitor and maintain **security indicators (KRI and KPI)**, generating reports and improvement recommendations; * Actively participate in **software requirements analysis**, defining security actions from the initial stages of projects; * **Anticipate vulnerabilities** and propose preventive measures during the **design** phase of applications; * Address and mitigate **coding security issues**, promoting fixes and secure coding best practices; * Ensure the **security lifecycle closure during maintenance**, continuously evaluating and monitoring systems. * Design secure architectures for systems and applications. * Review, propose, and maintain information security policies, standards, and procedures. * Ensure compliance with frameworks (ISO 27001, PCI, NIST, SABSA) and LGPD. **Requirements and Qualifications** **Requirements** * Bachelor’s degree in **Information Systems, Computer Science, Computer Engineering**, or related fields; * Previous experience in **application security, vulnerability analysis, penetration testing (pentest)**, and compliance with security policies; * Ability to collaborate effectively with development, infrastructure, and compliance teams; * Experience with **DevSecOps**, CI/CD, and automation of security testing; **Differentiators** * Secure development methodologies (SSDLC); * Familiarity with security frameworks (ISO 27001, NIST, OWASP SAMM, among others); * Certifications such as **CEH, CompTIA Security\+, ISO 27001 Foundation, OWASP, or similar**; * Knowledge of **cloud security (AWS, Azure, GCP)** and containers (Docker, Kubernetes). **Additional Information** **Discover some of the benefits offered by \#PosiTime:** **\*\* We strive to offer the best benefits to \#PosiTime, which may vary depending on contract type and work location.** * Meal Allowance (not deducted). * Transportation Allowance (not deducted). * Life Insurance: Group policy. * Health Plan. * Psychological support. * Nutrition services. * Pharmacy discounts. *"Among global tech giants, almost all started in a garage. And only one began in a classroom."* That’s how Positivo Tecnologia was born, taking on the challenge in 1989 of producing computers in Brazil. We believe TECHNOLOGY EXISTS TO EMPOWER LIVES, and that is our essence—we want to integrate it into everyone’s routine, always in its best version: perfectly tailored to each consumer’s experience. That’s the spirit of those born in the classroom aiming to change worlds. Millions of them! **OUR POSITIVE WAY OF TECHNOLOGY: BEING AND DOING** Our dynamic, versatile team, which respects differences, is guided by our 12 core attitudes. At Positivo Tecnologia, you’ll have the opportunity to work with amazing professionals, learn extensively, and put your ideas into practice. Learn more about Positivo Tecnologia on LinkedIn: www.linkedin.com/company/positivo\-tecnologia Be PART OF OUR STORY! JOIN \#POSITIME!