···
Log in / Register

Senior Information Security Analyst | Cloud & Data Security

Indeed
Full-time
Onsite
No experience limit
No degree limit
Praça do Patriarca, 62 - Centro Histórico de São Paulo, São Paulo - SP, 01002-010, Brazil
Favourites
Share
Some content was automatically translatedView Original

Description

Job Summary: We are seeking a Senior Information Security Analyst to design, implement, and evolve the Cloud Security Architecture in cloud environments and data protection. Key Highlights: 1. Technical and hands-on expertise in secure cloud architectures. 2. Strong focus on sensitive data security and regulatory compliance. 3. Collaboration with diverse engineering and IT teams. Nice to meet you — we are Evertec! Evertec is a company specialized in **financial sector technology**, with over 27 years of experience and presence in 26 countries across Latin America and the Caribbean. Processing over 11 billion transactions annually, we are a reference in solutions that drive digital transformation in the market. We offer a comprehensive portfolio of **software solutions**, serving financial institutions, enterprises, and fintechs seeking **innovation, security, and efficiency**. Our commitment is to **technological excellence**, financial inclusion, and sustainable value creation for customers, employees, and partners — fostering a more connected and accessible ecosystem. Requirements: The **Information Security** team is responsible for ensuring robust technical controls, supporting business units, and contributing to the continuous reduction of organizational risks. We seek a **Senior Information Security Analyst** to work at Brazil’s largest software development and financial-market product company, supporting the enhancement of security posture in cloud environments and data protection. This professional will have strong technical and hands-on involvement, serving as a reference for secure cloud architectures, modern workloads, and sensitive data protection — ensuring alignment with global best practices and financial-sector regulatory requirements. **This role is responsible for:** * Designing, implementing, and evolving Cloud Security Architecture across IaaS, PaaS, and SaaS environments. * Implementing and operating Zero Trust controls in cloud environments, with emphasis on identity, access, security posture, and workloads. * Supporting the design and governance of Cloud IAM, ensuring secure authentication, authorization, and privilege segregation policies. * Implementing and maintaining least-privilege access mechanisms across cloud providers. * Creating and maintaining security baselines, templates, and secure infrastructure standards — including image hardening and default configurations. * Implementing controls for cloud infrastructure protection, covering networks, virtual machines, containers, APIs, and microservices. * Ensuring security for modern workloads, including Kubernetes, serverless, and infrastructure-as-code (IaC). * Supporting technical architecture reviews for cloud-native applications, proposing security and resilience improvements. * Operating and evolving Cloud Security Monitoring & Detection solutions, integrating logs, events, and risk signals. * Managing Cloud Security Posture Management (CSPM) tools, tracking compliance and remediation plans. Supporting Data Protection & Privacy initiatives, including: * Using KMS/HSM for encryption of data at rest and in transit. Implementing Data Loss Prevention (DLP) controls in cloud environments. * Collaborating closely with engineering, architecture, DevOps, data, and infrastructure teams. Supporting technical audits and regulatory requirements (BACEN, NIST, ISO 27001), providing evidence and technical recommendations. * Strong knowledge of operating systems: Windows and Linux. * Advanced networking knowledge, TCP/IP protocols, and the OSI model. * Experience integrating cloud tools with SOC. * Producing, maintaining, and reviewing information security technical documentation — including processes, standards, operational procedures, architectures, and control flows — ensuring clarity, traceability, and adherence to internal and regulatory standards. **To \#match, this position requires the following mandatory qualifications:** * Proven experience leading and delivering projects using the technologies and processes mentioned. * Solid experience in high-availability and high-complexity environments, including 24x7 operations, multiple availability zones, hybrid architectures (on-prem + cloud), risk management, and business continuity. * Experience working with or supporting financial institutions, with understanding of stringent regulatory requirements and audits — including Central Bank regulations. * Experience in multi-cloud and hybrid environments. * Completed undergraduate degree; * Advanced English for technical reading and interaction with vendors and documentation. **The following knowledge or experience would be considered advantageous:** * Experience in the financial sector and familiarity with NIST CSF, ISO 27001, and Central Bank requirements. * Practical experience with automation and security-as-code. * Knowledge of firewalls and networking. * Akamai – WAF – Guardicore. * Postgraduate degree or MBA in Information Security, Architecture, Cybersecurity, or related fields. * Desired certifications: AZ-900, AZ-500, SC-300, SC-100, AWS Security Specialty, or GCP Professional Cloud Security Engineer, CompTIA Security+, ISO 27001. * Spanish; Benefits **So, does this resonate with you? Here’s what you’ll find here — beyond a dynamic environment:** * Meal or food allowance; * Flexible benefit (Flash); * Health insurance; * Partners for psychological, legal, financial, and nutritional support (CLUDE, C4LIFE, and ASQ); * Psicologia Viva; * Dental insurance; * Childcare allowance; * Allowance for children with special needs; * Fertility assistance; * Extended maternity and paternity leave; * Transportation allowance or Home Office allowance (for remote contracts); * Gympass (Wellhub) and TotalPass; * Flexible working hours; * Life insurance; * Partnership club; * Sesc partnership; * Just dress no code (no dress code); * Birthday day off; * Beca (education incentive program); * PPR or Bonus — based on goal and result achievement. We value **diversity**, recognizing that what truly adds value is varied ideas and perspectives. Therefore, race, color, religion, gender and gender identity, nationality, disability, sexual orientation, ancestry, or age will not prevent you from joining our team.

Source:  indeed View original post
João Silva
Indeed · HR

Company

Indeed
Cookie
Cookie Settings
Our Apps
Download
Download on the
APP Store
Download
Get it on
Google Play
© 2025 Servanan International Pte. Ltd.