Job Summary: Strategically and operationally protect digital assets, ensuring organizational governance, compliance, and cyber resilience. Key Highlights: 1. Lead security and incident response initiatives 2. Promote continuous improvement of controls and processes 3. Support GRC and application protection projects * Strategically and operationally protect digital assets, ensuring organizational governance, compliance, and cyber resilience. Lead security initiatives, incident response, risk management, and compliance activities, promoting continuous improvement of controls and processes. **Responsibilities and Duties** * Monitor, analyze, and respond to alerts in SIEM, EDR/XDR/MDR, SOAR, and forensic tools. * Manage firewall, IDS/IPS, VPN, and ZTNA policies and controls. * Administer PAM solutions, password vaults, and third-party access. * Implement and maintain DLP, MIP, CASB, MDM/MAM controls. * Manage identities and access. * Conduct vulnerability management, penetration tests, and support compliance audits (ISO 27001, LGPD, GDPR). * Respond to incidents, fraud, and forensic investigations. * Support GRC, governance, risk, and compliance projects. * Participate in internal awareness campaigns, training sessions, and workshops. * Contribute to the evolution of SECDEVOPS practices and application protection. * Support business continuity and disaster recovery strategies. **Requirements and Qualifications** * Bachelor’s degree in IT, Computer Science, or related fields. * Proven experience (minimum 5 years) in cybersecurity, governance, risk, and compliance. * Proficiency with the tools and solutions listed in the environment’s strengths (see Responsibilities). * Advanced knowledge of networking protocols, cryptography, multi-factor authentication, and cloud security (Azure, M365, AWS is a plus). * Experience with NIST, ISO 27001, LGPD, and GDPR frameworks. * Desired certifications: CISSP, CISM, CEH, CompTIA Security+, Microsoft Security, CrowdStrike, Fortinet NSE. * Automation and scripting skills (Python, PowerShell). **Additional Information** Since 1970, when a young engineer decided to found Plaenge, our purpose has always been clear: **to be a solid, ethical company with real impact on people’s lives.** More than 55 years later, we are proud of what we have built: projects that transform cities, relationships built on respect and trust, and a team that grows alongside our story.