




Job Summary: We are seeking an Information Security Leader passionate about innovation to promote security, ensuring projects are conceived with a risk management and quality mindset.

Key Highlights:

1. Work in an agile, collaborative, and challenging environment focused on innovation.
2. Lead and manage the SOC team, ensuring security operations and evolution.
3. Serve as a technical reference for security detection and rule engineering.

If you’re passionate about innovation and seek to work in an agile, collaborative, and challenging environment, this could be your opportunity!

For our **Information Security** team, we seek a detail-oriented, critically minded professional to promote information security within Asaas—upholding daily best practices and ensuring projects are conceived and scaled with a risk management, security, and quality mindset—thereby contributing to business success.

Interested but not based in Joinville? No problem—we support **remote/home office** work.

**Responsibilities and Duties**

* Lead, develop, and manage the SOC team (analysts and/or detection engineers), including goal setting, KPIs (MTTD, MTTR, false positive rate, use case coverage), performance evaluation, and career development planning;
* Ensure SOC operations and evolution by structuring incident triage, classification, escalation, and communication processes, guaranteeing operational consistency and predictability;
* Oversee the full incident response lifecycle within the SOC context (detection → triage → initial containment → escalation → follow-up → resolution), ensuring proper logging, evidence collection, and alignment with corporate IR (Incident Response) processes;
* Lead SIEM strategy (log onboarding, normalization, correlation, data quality, retention, and use cases), ensuring coverage for critical assets, cloud environments, and applications—with focus on reducing “alert fatigue” and increasing effectiveness;
* Drive SOAR implementation and optimization (playbooks, automations, integrations, orchestration), improving team efficiency and standardizing response actions—including enrichment with internal and external data (CTI);
* Serve as a technical reference for Detection and Rule Engineering (alert tuning, rule development and versioning, testing, validation in controlled environments, change governance), ensuring traceability and quality;
* Ensure integrations and operational synergy with defensive tools (EDR/XDR, NDR, IDS/IPS, Firewalls, WAF, DLP, CASB, IAM), connecting telemetry, automated actions, and escalation workflows;
* Monitor vulnerability and exposure management from the SOC perspective (correlating critical vulnerabilities with exploitation signals, risk- and active-exploitation-based prioritization, supporting remediation teams and validating fixes);
* Develop and maintain runbooks, playbooks, standard operating procedures (SOPs), and incident communication plans—ensuring adherence, continuous training, and simulations (tabletop/exercises);
* Report risks, trends, and outcomes to leadership and stakeholders—translating technical data into executive metrics (detection posture, top attack vectors, top incidents, root causes, action plans);
* Ensure SOC governance and compliance with regulations and standards (e.g., PCI-DSS, ISO 27001/27002, Bacen regulatory requirements), including evidence generation, audits, audit trails, and controls applicable to monitoring and response.

**Requirements and Qualifications**

* Proven experience leading/managing SOC/Blue Team teams (operations, detection, response) in critical, high-availability environments;
* Deep knowledge of SOC processes: triage, queue management, severity classification, escalation, communication, post-incident review, and continuous improvement;
* Advanced hands-on experience with SIEM (log management, correlation, rule development/tuning, use cases, data quality) and SOAR (playbooks, automations, integrations);
* Practical expertise in EDR/XDR, networking and protocols, operating systems (Windows/Linux/Mac), and cloud security fundamentals (AWS/Azure) and hybrid environments;
* Familiarity with MITRE ATT&CK, detection techniques, threat hunting, and basic forensic investigation (evidence collection/preservation, event analysis, timeline reconstruction);
* Experience applying security frameworks and best practices: NIST Cybersecurity Framework, NIST, ISO 27001/27002, CIS Controls;
* Experience in regulated and/or auditable environments, with ability to produce evidence, reports, and corrective action plans;
* Ability to align SOC priorities with business objectives, clearly communicate risks, and engage cross-functionally with Infrastructure/Cloud/Engineering, Architecture, Product, and GRC teams;
* Capability to define metrics and operate by KPIs (MTTD/MTTR, backlog, detection coverage, false positives, automation rate, SLAs), driving SOC efficiency and effectiveness.

**Additional Information**

* 8-hour workday (Monday to Friday — no Saturday compensation);
* CLT employment contract.

**We are a Fintech**, a Payment Institution accredited by the Central Bank of Brazil, and **our purpose is to maximize business productivity through technology.** We offer an end-to-end solution for receivables management, payments, receivables anticipation, and serve over 200,000 customers—including self-employed professionals, microentrepreneurs (MEI), and large enterprises.
Our dream began in 2010 in Joinville/SC, and we believe the sky is not the limit for our growth. That’s why our team today spans multiple locations across Brazil! **Over 1,000 people share Asaas’ dream—collaboratively, innovatively, efficiently, autonomously, and freely aiming high.**

Soaring high demands resources to live and work better—and freedom to manage them. Thus, we welcome and care for our team by offering benefits that support personal and professional growth:

**Health & Well-being:** We provide comprehensive medical and dental insurance (no co-pay), life insurance, medication purchase assistance, and physical activity support. Neon is our partner for financial health, and Zenklub supports physical and mental health (4 free monthly therapy or nutritionist sessions). On-site, we also offer *quick massage.*

**Food & Family:** Our flexible food benefit is delivered via a Visa credit card—the balance may be used at the employee’s discretion. On-site, we offer *free food*, and for families, we provide daycare assistance, parental support programs, and extended maternity and paternity leave.

**Education & Growth:** Beyond a challenging and highly developmental environment, we offer an in-house training platform and an Education Assistance Program covering 70% of undergraduate and language course tuition, plus reimbursement for courses and books—so our team never stops learning.

**High-Quality Remote Work:** We provide Home Office allowance, work equipment, furniture allowance, and partner with WOBA so employees can access coworking spaces nationwide whenever desired. Explore our headquarters in Joinville/SC via **this virtual tour**!

**Extras—because the Dream Team deserves them:** Birthday *Day Off*, Happy Hour allowance, referral bonuses, annual goal-based bonuses, Stock Options plan, and a relaxed, *no dress code* environment!


