IT and Information Security Coordinator

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Deliver technical support to internal users by identifying and resolving intricate IT and security-related challenges.

• Oversee and configure IT assets, ensuring a secure and compliant operational environment.

• Manage identity and access protocols, including user provisioning, de-provisioning, and the enforcement of least privilege principles.

• Administer and set up endpoint protection tools, antivirus solutions, patch management systems, and Mobile Device Management (MDM) tools.

• Assist in the implementation and upkeep of internal IT and security policies and documentation.

• Work jointly with the security and compliance teams to conduct risk assessments, perform internal audits, and implement Governance, Risk, and Compliance (GRC) controls in accordance with privacy laws and the CIS Critical Security Controls framework.

• Ensure adherence to best practices in daily operations concerning systems, access management, and incident response.

• Stay informed about industry trends and threats to provide recommendations for enhancements and preventive strategies.

• Educate employees on security policies, raise awareness, and promote safe practices.

• Manage AWS environments while applying optimal security practices, which include provisioning access and permissions, implementing security features, and monitoring for suspicious activities.

• Collaborate with the engineering team to enhance the security of Continuous Integration/Continuous Deployment (CI/CD) pipelines, assist in addressing vulnerabilities, and conduct security assessments of changes related to Infrastructure as Code (IaC).

• Aid clients in the implementation and maintenance of Single Sign-On (SSO) integrations.

• Partner on strategic departmental planning that aligns with business objectives, utilizing OKRs, roadmaps, business plans, and budget considerations.

⛳️ Requirements

• Demonstrated experience with both Windows and Unix-like operating systems.

• Strong expertise in providing technical support to end users.

• Familiarity with access management processes, including the secure provisioning and revocation of access.

• In-depth knowledge of Google Workspace and Slack administration from a security perspective.

• Practical experience in configuring and managing antivirus solutions, patch management systems, and MDM tools.

• Understanding of cloud platforms, particularly AWS, and strategies for securing workloads in these settings.

• Knowledge of information security best practices and frameworks, especially CIS Critical Security Controls and privacy regulations such as LGPD and GDPR.

• Proven experience with CI/CD pipelines, SAST/DAST tools, Git, and Infrastructure as Code (IaC).

• Familiarity with authentication protocols including SAML, OpenID, and OAuth2, along with hands-on experience in configuring SSO integrations.

• Proficient in drafting clear procedures, internal policies, and documentation in English.

• Fluency in spoken Portuguese and English is essential, as it will be used daily to engage with team members, partners, and vendors across various countries.

🏝️ Benefits

• Competitive salary and performance-based bonuses.

• Comprehensive health, dental, and vision insurance.

• Opportunities for professional development and continuous learning.

• Flexible working hours and remote work options.

• A collaborative and inclusive work environment.