




**Description:**

- Lead security initiatives, ensuring compliance with standards, internal policies, and industry frameworks (NIST, CIS, LGPD).
- Conduct risk assessments, vulnerability analyses, and propose effective mitigation plans.
- Perform Patch Management in the environment to mitigate vulnerabilities.
- Coordinate end-to-end investigations and responses to security incidents.
- Develop, review, and reinforce information security policies, standards, and procedures.
- Monitor events and threats using SIEM/SOC tools, supporting operational and infrastructure teams.
- Perform system, application, network, and cloud environment hardening.
- Manage identity and access (IAM), including best practices for MFA, RBAC, and segregation of duties.
- Operate and optimize security tools: EDR/XDR, WAF, DLP, CASB, Zero Trust, and Firewall (IPS and IDS).
- Support internal and external audits, tracking action plans.
- Influence security culture by training and raising awareness across business areas.
- Evaluate emerging technologies and propose architectural and governance improvements.

**Desired Requirements:**

- Solid experience in Information Security (senior level).
- Proficiency in risk, incident, and vulnerability management.
- Advanced knowledge of networks, protocols, security architecture, and models.
- Experience with Azure (Microsoft M365) and AWS in security contexts.
- Hands-on experience with SIEM tools, EDR/XDR, and endpoint protection solutions.
- Understanding of LGPD and applicable regulatory compliance.
- Experience with IAM, access policies, and controls.
- Ability to write and maintain corporate policies, processes, and standards.
- Strong communication skills to engage effectively with both technology and business stakeholders without ambiguity.


