Description: * Solid knowledge of security technologies: Firewall, VPN, Content Filtering, Intrusion Detection and Prevention Systems (IDPS), Web Application Firewall (WAF), Antispam, Antimalware, Data Loss Prevention (DLP), Password Vault, Digital Certificates, Vulnerability Assessment, Patch Management, and Internal System Penetration Testing. * Desired knowledge of operating system architecture (Windows and Linux), Cloud infrastructure, Office365, Network Services, Troubleshooting Tools, and IT Security. * Knowledge of programming languages such as SQL, Python, HTML, JavaScript, and PowerShell. In-depth knowledge of TCP/IP protocols, secure communication protocols (SSL/TLS), cryptography, network architecture, administration of network and security monitoring systems, and behavioral analysis. * Experience conducting security assessments on infrastructure and applications; experience analyzing security scenarios and developing innovative and efficient solutions against threats and vulnerabilities; * Development and follow-up of action plans to address existing vulnerabilities in infrastructure and applications. * Experience leading information security projects; experience with security processes, standards, and frameworks such as NIST, ISO 27001, and OWASP; * Experience defining infrastructure and software architectures based on Cybersecurity requirements; * Knowledge of IT best practices, such as ITIL and COBIT. * Service Security and Availability – Ensure that IT services meet current and future business security needs by managing and monitoring information security for prevention and introduction of new technologies, proposing improvements and/or changes to the environment to minimize risks that could impact IT services, guarantee agreed service levels, and thereby maintain service continuity and proper operation. * Security Policies and Standards – Maintain and monitor the IT infrastructure security environment through the creation, review, and audit of information security policies, standards, and procedures aligned with Bernoulli Educação’s core values, aiming for market-leading best practices and ensuring confidentiality, integrity, and availability of information. * Information Security – Ensure compliance with the information security policy through monitoring and auditing of software usage and access, to guarantee process compliance and risk reduction. * Security Incident Response – Respond to information security incidents reported by internal customers, penetration tests, monitoring systems, external audits, and regulatory bodies, by developing and executing action plans and associated processes to address existing vulnerabilities, security incidents, and audit requests, aiming to ensure security, compliance, and inviolability of technological services. * Project Management – Propose and oversee the execution of information security-related projects by carrying out and validating the stages inherent to platforms managed by the information security analyst, aiming to meet project deadlines and deliver the expected impact. * Vendor Monitoring – Monitor and evaluate security solutions regarding service quality delivered by vendors, through measurement of threat prevention levels, support quality, response time, and contractual metric compliance, aiming to assess and validate service quality for proposals related to vendor maintenance or replacement within their scope of activities. * Auditing and Best Practices – Guide and audit IT infrastructure staff activities through alignment meetings and activity monitoring, aiming to foster a culture of security best practices across the environment. 2512300202491094959