




Description:

* Completed Bachelor's degree. Postgraduate studies in Information Security are essential;
* Experience in risk mapping, impact analysis, and security policy management;
* Familiarity with ISO 27001, 27002, and 27005 standards;
* Experience with the NIST framework;
* Knowledge of ITIL and COBIT;
* Knowledge in cyber risk analysis and mitigation, including third-party risk management;
* Manage cyber risks and support mitigation planning;
* Knowledge of LGPD administrative and technical measures;
* Certifications will be considered a differentiator;
* English: Intermediate level;

1\. Information Security and Blue Team:

* Monitor, detect, analyze, and respond to security incidents.
* Administer and operate protection tools, including SIEM, EDR, antivirus, firewalls, IDS/IPS, servers, and endpoints.
* Apply security patches and secure configurations to servers, devices, and other equipment.
* Manage and remediate identified vulnerabilities, ensuring appropriate mitigation and prioritization of critical risks.
* Support technology and development teams to ensure alignment between business, technical, and security requirements.

2\. Governance, Risk, and Compliance (GRC):

* Develop, review, and implement security policies, standards, and procedures aligned with legal and regulatory requirements.
* Identify, analyze, and assess cybersecurity risks, proposing mitigation plans.
* Manage third-party risks, including control audits and action plan follow-ups.
* Conduct business impact analyses (BIA), continuity planning, and disaster recovery.
* Prepare detailed reports on risk analysis and incident response.

3\. Indicator and KPI Management:

* Support, maintain, monitor, and report on environment KPIs and metrics (detection and response time, critical vulnerabilities, incidents by category, remediation SLAs, etc.).
* Have knowledge in building managerial dashboards and strategic reports.
* Analyze trends and propose continuous improvements in security posture.
4\. Projects and Continuous Improvement:

* Propose, participate in, and lead corporate projects related to information security.
* Implement, modify, test information security controls and configurations.
* Ensure internal processes and security methodologies support company projects.
* Act as a technical and strategic reference for internal departments, providing support on security-related questions and decisions.

5\. Technical Administration and Support:

* Support the administration of endpoints, firewalls, servers, and Microsoft 365 solutions.
* Assist in risk assessments and internal and external audits.
* Provide technical and strategic support to IT and business areas on information security topics.

Desired Experience and Competencies:

* Practical experience with SIEM, EDR, firewalls, IDS/IPS, log analysis, vulnerabilities, and incidents.
* Knowledge of frameworks and standards such as ISO 27001, NIST, COBIT, ITIL, LGPD/GDPR.
* Experience in risk analysis, auditing, BIA, business continuity, and disaster recovery.
* Ability to administer Microsoft 365 solutions, endpoints, and servers.
* Capability to manage security KPIs and build management dashboards.
* Strong communication skills to work with technical and business teams, leading training sessions and strategic projects.
* Proactivity, strategic vision, and experience in corporate information security projects.


