Ensure the availability, security, and compliance of UpFlux's information technology environments, with a focus on infrastructure, data protection (LGPD/GDPR), and cybersecurity. ### **Main Responsibilities** ### **IT Infrastructure** * Manage servers, networks, and cloud environments (Windows, Linux, ProxMox, Hyper\-V, AWS, Azure). * Monitor availability, performance, and continuity of IT services. * Implement and maintain backup, recovery, and business continuity policies. * Support the support team in infrastructure-related incidents. ### **Information Security** * Implement and maintain security controls based on frameworks such as NIST, ISO 27001, and CIS Controls. * Conduct vulnerability management, patch application, and security audits. * Monitor and respond to security incidents (SOC/SIEM). * Manage access, multi-factor authentication, and password policies. * Conduct security testing, risk assessments, and support awareness campaigns. ### **Privacy and Data Protection (DPO)** * Ensure compliance with LGPD and other related regulations. * Map and maintain the inventory of personal and sensitive data. * Implement privacy policies and data governance. * Act as the point of contact with ANPD. * Support contract analysis with suppliers and conduct internal training. * Respond to security, privacy, and compliance questionnaires sent by clients during hiring processes, ensuring alignment with legal requirements and market best practices. * Support commercial and legal teams in negotiations involving contractual clauses related to information security and data protection. ### **Desirable Technical Requirements** ### **Infrastructure** * Windows Server, Linux, Active Directory, virtualization (ProxMox, Hyper\-V). * Cloud environments (AWS). * Monitoring and backup and recovery policies. ### **Security** * Firewall (Fortinet), corporate antivirus, VPNs, MFA, encryption. ### **Privacy / DPO** * Knowledge of LGPD/GDPR, impact assessment (DPIA), compliance, and data governance. ### **Standards and Tools** * ISO 27001, ISO 27701, NIST, CIS Controls, ITIL, COBIT. ### **Education** * Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or related fields. * Postgraduate or specialization in Information Security, IT Management, or Data Privacy will be considered a plus. ### **Level and Work Model** * **Level:** Mid-level / Senior * **Model:** On-site