Monitor and analyze security events, identifying potential incidents and acting proactively; Support investigation and response to security incidents, including evidence collection and forensic analysis; Implement and maintain cybersecurity controls (firewalls, antivirus, DLP, IPS/IDS, ZTNA, WAF etc...); Perform vulnerability assessments and support the definition of mitigation plans; Review and ensure enforcement of information security policies, standards and procedures; Support internal and external audits related to security; Support risk assessments on systems and projects; Monitor and support security awareness campaigns for employees and customers; Work in partnership with IT, legal, compliance and other teams to ensure data security; Support projects for compliance with LGPD, ISO 27001, and other applicable regulations; Produce technical and executive reports on the state of information security within the organization; Support SOC area, implementation, support, documentation and processes; Responsible for collecting, enriching and disseminating threat intelligence, integrating IOCs into security tools and supporting SOC in incident detection and response; Implement and manage access profiles and roles in critical systems; Configure and administer SOC solutions such as SIEM, SOAR, NDR, XDR etc...; Conduct phishing campaigns to improve security culture among employees and customers; Perform internal and external pentests to enhance internal and customer environments; Perform hardening, i.e., apply security policies, disable unnecessary services, strengthen passwords and keep environments updated; Prioritize and remediate vulnerabilities according to severity; Contain ongoing attacks; Use tools such as Metasploit, Burp Suite, Nmap to identify and exploit vulnerabilities; Develop custom payloads for controlled testing; Log, classify and monitor security events even if they are not attacks (e.g.: backup failure, misuse of resources); Assist in selection and approval of tools such as antivirus, DLP, firewall etc...; Hold meetings with clients to analyze and understand requirements; Participate in training sessions for solutions resold or provided by the company; Create documented information: IT (work instruction), FP (process sheet), following company standards and policies in accordance with Quality guidelines; All activities described in this RCF must be performed in accordance with the company's information security and privacy policies, standards, processes and procedures. Job type: Full-time CLT Pay: starting at BRL 3,000.00 per month Benefits: * Medical insurance * Dental insurance * Commercial agreements and discounts * Profit sharing * Life insurance * Meal allowance * Transportation allowance Selection questions: * Do you have training or certification in: Security+ or ISO 27001? * How many years of experience do you have in Information Security? * Do you have practical experience in security monitoring or vulnerability management? * Do you have practical knowledge in Firewalls, Pentest, or Cybersecurity Solutions? * Do you hold any of the following certifications: CompTIA; Security+; ISO 27001 Foundation; or CompTIA Pentest+?