Browse
···
Log in / Register
Job Summary: We are seeking a proactive professional to identify risks, propose solutions, and manage multiple demands, with a focus on system security and development. Key Highlights: 1. Conducting security-focused code audits and reviews. 2. Supporting the development team in adopting DevOps security best practices. 3. Creating and maintaining security policies throughout the development lifecycle. Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, or Information Systems. Home \- CEPEL We seek a proactive and self-motivated professional capable of identifying risks and proposing solutions. We expect someone detail-oriented and critically minded, able to prioritize and manage multiple demands. **Responsibilities and Duties** Main Activities to be Performed: * Perform source-code audits and reviews to identify security vulnerabilities and non-conformities. * Assess and monitor the security of production systems, proposing improvements and mitigating risks. * Support the development team in implementing security best practices within the DevOps pipeline. * Create and maintain security policies, standards, and automations across the development lifecycle. * Collaborate with development, infrastructure, and security teams to ensure compliance with internal and external standards and regulations. **Requirements and Qualifications** Mandatory Knowledge: * Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, or Information Systems. * Experience in secure code analysis and review (security-focused code review). * Knowledge of OWASP Top 10, CWE/SANS Top 25, and Secure Coding practices. * Experience with CI/CD pipelines and integrating security into the DevOps workflow. * Familiarity with secure infrastructure in cloud environments (Azure, GCP, or AWS) and on-premises setups. * Basic knowledge of penetration testing (Pentest) and vulnerability analysis. Desirable Knowledge: * Security certifications (e.g., CompTIA Security\+, GIAC, CSSLP, DevSecOps Foundation, OSCP). * Prior experience in incident response and digital forensics. * Knowledge of containers and Kubernetes/Docker security. * Knowledge of SCADA systems. **Additional Information** * Indefinite-term employment contract; * On-site work modality; * Health insurance plan with co-payment, extendable to immediate dependents; * Meal/food allowance; * Private pension plan; * Wellhub (formerly Gympass); * Childcare allowance; * Educational assistance; Centro de Pesquisas de Energia Elétrica (CEPEL), founded by Eletrobras in 1974, is the largest R\&D institution in the electricity sector in Latin America. With over five decades of operation, CEPEL is recognized as a leading non-profit Scientific, Technological, and Innovation Institution (STII), combining an outstanding technical workforce with world-class laboratory infrastructure. Present across Brazil and in nine countries, CEPEL develops technologies and services for power generation, transmission, distribution, and trading, promoting advancements that make the sector more efficient and reliable. Its strategic solutions cover R\&D projects, technical consulting, laboratory services, and technologies for planning, operation, and management of electrical systems, while also strengthening grid resilience and reinforcing Brazil’s national energy matrix. **Mission** * To develop energy-related technological solutions for society. **Vision** * To be an international reference in innovative energy solutions. **Values** * Life first. * Our energy comes from people. * Integrity always. * Our excellence makes the difference. * Innovate to create value.
