Browse
···
Log in / Register
Job Summary: Work on cloud technology operations security, ensuring secure infrastructure, platforms, and applications from design through to operations. Key Highlights: 1. Cloud technology operations security 2. Risk prevention, risk analysis, and continuous improvement of security posture 3. Technical bridge between engineering and compliance **Let’s pursue the extraordinary together?** **Our Principles** * We speak person-to-person * We pursue the extraordinary * We bring innovation to life * We strengthen ourselves through transparency **Responsibilities and Duties** **Your Role Will Be:** Work on **cloud technology operations security**, ensuring infrastructure, platforms, and applications are secure from design through to operations, with a focus on **risk prevention, risk analysis, and continuous improvement of security posture**, serving as the **technical bridge between engineering teams and the compliance area**. * Implement and evolve **security controls in AWS/GCP environments**, focusing on infrastructure, networks, identities, and platforms. * Work on **cloud network security**, including configuration and management of **VPCs, firewalls, WAF, and traffic controls**. * Manage and enhance **IAM and access controls**, applying least-privilege principles, role segregation, and authentication best practices. * Define and apply **hardening standards** for workloads in **EKS (Kubernetes)** and **serverless environments**. * Operate and monitor **security scanning tools**, such as **DAST and IAST**, supporting teams in vulnerability analysis and remediation. * Promote and support **security assessments and penetration tests**, in collaboration with vendors or specialized tools. * Proactively identify **risks**, conduct **post-incident analyses**, and contribute to structural improvements and recurrence reduction. * Collaborate with **DevOps/SRE and Engineering teams**, ensuring security practices are integrated into development and operational workflows. * Support the **compliance area**, translating regulatory requirements into **technical controls, evidence, and applicable practices**. * Contribute to the evolution of **technical security governance**, focusing on effectiveness, automation, and operational simplicity. **Requirements and Qualifications** **What We Expect From You:** Practical experience in **cloud and modern platform security**, emphasizing execution, prevention, and continuous improvement—no exclusively offensive or audit-focused profile required. * Solid knowledge of **cloud infrastructure security**, including networks, firewalls, WAF, and access controls. * Experience with **AWS and/or GCP**, especially in: * IAM * VPC and networking * Load Balancers * Managed services and serverless. * Hands-on experience in **Kubernetes (EKS)** environments, including cluster, workload, and configuration security concepts. * Knowledge of **application and pipeline security**, with practical use of **DAST and IAST**. * Familiarity with **incident analysis processes** and vulnerability mitigation. * Knowledge of **Linux**, focusing on administration, troubleshooting, and security best practices. * Ability to engage technically with **engineering, DevOps, and compliance** teams. * Experience with **automation or scripting** (Python and/or Shell). Consistent use of **Git** and collaborative practices. **You’ll Stand Out If You Have:** * Experience with **CI/CD pipeline security**. * Experience with **monitoring and observability**, applied to security. * Knowledge of **serverless environment security**. * Experience with **identity management** (e.g., Keycloak or similar). * Familiarity with **security frameworks and best practices** (OWASP, CIS, NIST), applied practically. * Prior experience in regulated environments or those with **compliance requirements**. **Additional Information** **At Franq, You’ll:** * Work alongside experienced and renowned professionals from the financial industry; * Develop, evolve, and learn skills using best practices and cutting-edge technologies; * Participate in an innovative project that impacts customers’ financial lives and creates new ways of doing business. **We Offer:** * CLT employment contract; * Flexible benefits card (Caju) worth R$ 1.033,50; * Fully company-subsidized medical and dental insurance (Bradesco Plan), with no co-payment; * Life insurance; * Partnership with Wellhub (Gympass); * Partnerships with Psicologia Viva and Conexa Saúde; * Birthday day off; * Fruit table for Franqers in on-site mode. **Diversity and Inclusion at Franq!** Here at Franq, you have space to be frank with yourself—to be who you are! We value you regardless of race, color, religion, gender identity, nationality, disability, sexual orientation, ancestry, or age. All our positions are open to candidates with disabilities—if this applies to you, please specify it in your application and provide the corresponding CID code. **JOIN US IN PURSUING THE EXTRAORDINARY** Become a Franqer! \#GoFranq
