**Shall we seek the extraordinary together?** **Our principles** * We speak person to person * We seek the extraordinary * We bring innovation to life * We strengthen ourselves through transparency **Responsibilities and duties** **Your role will be:** Work on **security integrated into operations**, ensuring protection of infrastructure, applications, and data—from physical and network layers through development and continuous delivery processes—always aligned with security best practices and compliance. * Administer and optimize **Kubernetes clusters** and cloud infrastructure (**AWS/GCP**), focusing on availability, performance, and security. * Implement and maintain **infrastructure security controls**, including network segmentation, environment hardening, and access protection. * Create and enhance **monitoring, alerting, and security incident detection mechanisms**, aiming for preventive action. * Automate deployments and infrastructure management, ensuring **efficiency, scalability, and security by default**. * Develop and evolve **CI/CD pipelines**, incorporating security checks into the delivery workflow. * Support execution and analysis of **application security testing**, such as **DAST, IAST, and vulnerability assessments** of in-house systems. * Continuously strengthen **resilience, security, and reliability** of systems. * Collaborate with engineering teams to ensure **high availability**, sound operational practices, and security awareness. **Requirements and qualifications** **What we expect from you:** * Practical experience in **security applied to infrastructure and the software lifecycle**, understanding risks, controls, and best practices—even if you are not exclusively an offensive security specialist. * Solid experience with **Docker and Kubernetes**, including troubleshooting, scalability, and security aspects. * Hands-on knowledge of **Infrastructure as Code (IaC)** using **Terraform and/or Ansible**, including access control and environment segregation. * Experience with **Cloud Computing (AWS/GCP)**: * VPC, IAM, Load Balancers, S3, RDS * Secure configuration and automation practices. * **Security and Networking**: * Configuration and management of **Firewall and WAF** * **Access control, network policies, and threat mitigation.** * **Automation and Scripting**: * Intermediate to advanced proficiency in **Python** for operational and security automation. * **Intermediate Linux**: * Server administration * Network troubleshooting * Concepts of system hardening and security. * Familiarity with **best practices for access security**, such as user management, least privilege, and secure authentication. **You’ll stand out if you have:** * Additional knowledge in **applied security**, focused on prevention, detection, and response—without requiring an exclusively offensive profile. * Experience with **CI/CD** incorporating security checks (e.g., dependency, image, or code scanning). * Monitoring and observability with **Prometheus, Grafana**, or similar tools. * Familiarity with **penetration testing, vulnerability analysis, or security scanning** (DAST, IAST, SAST—even using off-the-shelf tools). * Administration and optimization of **SQL and NoSQL databases**, with attention to security and access. * Knowledge of **Keycloak** for authentication and identity management. * Administration of **Java-based solutions**, such as **Apache NiFi**. * Familiarity with **best practices for endpoint and network-connected device security**. **Additional information** **At Franq, you’ll:** * Work alongside experienced and renowned professionals from the financial sector; * Develop, evolve, and learn skills using best practices and cutting-edge technologies; * Participate in an innovative project that impacts customers’ financial lives and creates new ways of doing business. **We offer:** * CLT employment contract; * Flexible benefits card (Caju) worth R$ 1,033.50; * Medical and dental insurance, fully covered by the company with no copayment (Bradesco plan); * Life insurance; * Partnership with Wellhub (Gympass); * Partnerships with Psicologia Viva and Conexa Saúde; * Birthday day off; * Fruit table for Franqers working onsite. **Diversity and Inclusion at Franq!** At Franq, you have space to be frank with yourself—to be who you are! We value you regardless of race, color, religion, gender identity, nationality, disability, sexual orientation, ancestry, or age. All our positions are open to candidates with disabilities—if this applies to you, please specify it in your application and provide the corresponding CID code. **COME SEEK THE EXTRAORDINARY WITH US** Become a Franqer! \#GoFranq