Job Summary: We are seeking a Junior Information Security Analyst to support SI operations with a focus on IAM, compliance, and incident response, aiming for technical growth in the field. Key Highlights: 1. Support Information Security operations 2. Focus on Identity and Access Management (IAM) 3. Strong willingness to learn and grow technically We are hiring a Junior Information Security Analyst to support Sipal’s Information Security operations, emphasizing process execution and discipline, primarily focusing on Identity and Access Management (IAM) within the Microsoft ecosystem (AD/M365/Entra/ERPs), as well as compliance routines, monitoring, and initial incident response. We seek a professional with strong motivation to learn, develop technical skills, and advance in the security field. **Responsibilities:** Operate access creation, modification, and revocation processes (joiner/mover/leaver), maintaining complete records and evidence. Support governance of groups and permissions (AD/Entra/M365), ensuring adherence to standards and proper approvals. Support periodic access and privilege recertification, consolidating lists, requesting approvals, and documenting evidence. **Support privilege controls:** review administrative access, basic segregation of duties (SoD), and audit trails. Maintain organization and up-to-date documentation (access matrix, standards, checklists, knowledge base). Monitor and triage security alerts/events (M365 Security/Defender, logs, Zabbix/Grafana, firewall), applying playbooks and escalating when necessary. **Support hardening and baselines:** GPOs, endpoint/server configurations, compliance reviews, and remediation tracking. **Support vulnerability management:** inventory, prioritization by criticality, patch/remediation tracking, and evidence collection. **Support LGPD/audit processes:** evidence organization, control checklists, policy and procedure updates. Support change management (GMUD) through risk assessment, validations, and impact documentation. Support security awareness initiatives and internal communication (best practices, campaigns, guidance). **Requirements:** **Security fundamentals:** identity, authentication/MFA, privileges, logging, vulnerabilities, and principle of least privilege. **Hands-on experience (even entry-level) with Microsoft environments:** AD and/or M365/Entra. Strong organizational skills for ITSM logging and evidence control (traceability and audit readiness). Basic networking knowledge (TCP/IP, DNS, VPN concepts) and fundamental troubleshooting ability. **Desirable Requirements:** Practical experience with IAM (groups, permissions, recertification, RBAC) and/or joiner/mover/leaver processes. Familiarity with Microsoft Defender (concepts), Fortinet (policies/VPN/logs basics), and SIEM (concepts). ITIL v4 (Incident/Problem/Change) and experience with ITSM tools (e.g., GLPI). **Certifications or Microsoft/Security learning paths (e.g.:** SC\-900\) are not mandatory but valued. **Work Location:** Curitiba/PR **Working Hours:** Mon–Fri \- 08:00–18:00\. **Additional Information:** This position is also open to Persons with Disabilities (PCD).