Information Security Specialist

Description

Job Summary: An Information Security professional to conduct risk assessments, manage incidents, define policies, and implement security solutions, ensuring compliance and protection. Key Highlights: 1. Risk assessment and security incident management. 2. Development and implementation of security solutions and policies. 3. Opportunity to work with renowned frameworks and cloud solutions. **Responsibilities:** * Conduct risk, threat, and vulnerability assessments. * Evaluate and perform hardening configuration reviews. * Respond to and analyze security incidents (incident handling), including identification, investigation, containment, and resolution. * Develop, maintain, and update incident response playbooks. * Support the team in daily routines related to internal audit, compliance, etc. * Assess and analyze security requirements for existing systems and new projects, firewall rules, and define new requirements as needed. * Respond to service tickets and analyze risks, troubleshoot security-related issues involving tools, security rules and policies, and firewall rules. * Define policies and conduct user profile reviews. * Participate in internal security awareness campaigns, contributing to material creation and communication with employees. * Design, implement, and maintain security solutions, defining respective processes and controls. * Respond to breaches or threats and take corrective and preventive actions to avoid future incidents. * Monitor internal logs and traffic to proactively investigate suspicious activities and anomalies. * Communicate\-with client teams to discuss security measures and provide information about the designed system. **Requirements:** * Completed undergraduate degree in Information Security or Information Technology; * Minimum 5 years of experience in Information Security. * Knowledge of network security, cyber-protection solutions, technical and operational controls, operating systems, and cloud solutions. * Security frameworks and methodologies, such as ISO 27001, NIST, and OWASP. * Knowledge of regulatory compliance standards (e.g., PCI, SOX). * Practical experience with SOC. **Skills:** * English / Advanced / Writing / Speaking. * Integrity and discretion. * Commitment/engagement. * Results-oriented. * Strong interpersonal skills. * Critical/analytical thinking. * Ability to perform under pressure in a dynamic, high-demand environment. * Strong communication skills for interaction with internal and external teams. * Teamwork, providing support to analysts across various activities. * Familiarity with IT controls and audit processes. **Preferred Qualifications:** * Certifications such as ISO/IEC 27001, CEH, CCSP, CISSP, ISFS, Security\+ PDPF. * Knowledge / Solutions: (Antivirus, Burp Suite, WAF, Firewall, SIEM, QualysGuard, AWS, Azure or Google Cloud, general security tools). * Ability to map security risks and define web application / application architectures. **MJV Benefits:** TotalPass\\Wellhub; ‍‍‍‍ Group life insurance; Meal/Voucher allowance; Health and dental plan \- Bradesco; Training initiatives: lectures, forums, knowledge-sharing sessions, and discussions related to our business. We stay constantly connected to learn more — together; \+MJVer Program: an internal referral program where you refer a colleague to join us, and if the match is successful, you receive a reward. Partnerships: want discounts? We have a Workplace group where we announce partnerships with educational institutions, language schools, gyms, restaurants, products, and other services.