Mid-level Cybersecurity Analyst
São Paulo, São Paulo, Brazil
Full Time
2 weeks ago
No Sponsorship
Key skills
CloudAkamaiOWASPCloud SecurityWAF
About this role
Role Overview
- Orchestrate cloud security governance and strategic vulnerability management within the IT environment, assessing cyber risks in projects and vendors to ensure technological resilience, protection of beneficiaries' sensitive data, and business continuity in compliance with healthcare regulations.
- Lead cloud security posture management (CSPM), serving as the technical liaison between consultancies and IT teams to define mitigation plans, validate recommendations, and implement effective compensating controls.
- Ensure the integrity of the IT lifecycle by orchestrating the remediation of complex vulnerabilities and anticipating end-of-life risks for systems, applications, and infrastructure with support teams.
- Mitigate supply chain risks by evaluating vendors' cybersecurity maturity against global frameworks (ISO 27001, NIST, CIS) and establishing action plans to ensure partner compliance.
- Ensure Security by Design for new projects by defining technical requirements and testing controls prior to production release to prevent exposure of vulnerabilities in the clinical environment.
- Lead strategic response to complex incidents by coordinating crisis rooms, defining containment and eradication actions, and preparing post-mortem reports to strengthen the defensive architecture.
- Enable the evolution of cybersecurity architecture by conducting comparative studies of new technologies and supporting the implementation of cutting-edge solutions, ensuring deliveries adhere to market best practices.
- Support regulatory compliance and audits by acting as the technical focal point for evidence collection and responses to internal and external assessments, aiming to maintain certifications and comply with ANS and LGPD.
- Promote the stability of security tools by managing critical configuration and adjustment requests with partners, ensuring high availability of protective controls.
Requirements
- Bachelor's degree in Information Technology, Computer Science, Computer Engineering, Information Systems, or Cyber Defense.
- Experience managing cybersecurity tools such as ZTNA, NAC, XDR, WAF, CSPM, and PAM.
- Experience with Vulnerability Management and Cyber Incident Response processes.
- Solid knowledge of security frameworks: ISO 27001, NIST, CIS, MITRE ATT&CK, and OWASP.
- Strong understanding of Cloud Computing and Cloud Security.
- Advanced English (will participate in meetings with foreign vendors).
- Preferred:
- Previous experience with Akamai WAF and ZTNA solutions such as Netskope or Palo Alto.
- Experience in the healthcare and hospital environment.
- Postgraduate studies in progress in Cybersecurity, Information Security, Cyber Defense, or Ethical Hacking.
Tech Stack
- Cloud
Benefits
- Not specified