Security Tech Lead in Brazil, Indiana at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Tech Lead in Brazil.

This role is a key technical leadership position within the information security function, responsible for shaping and driving the company’s security strategy across cloud, applications, and infrastructure. You will act as both a hands-on expert and strategic leader, ensuring security is embedded across all layers of technology and product development. The environment is highly collaborative and innovation-driven, requiring close work with engineering, DevOps, product, and compliance teams. You will play a central role in strengthening security maturity, reducing risk exposure, and ensuring regulatory compliance in line with global frameworks. This position involves leading initiatives in incident response, cloud security, DevSecOps, and identity management. You will also serve as a key security reference for internal teams, clients, and external auditors, directly influencing trust and reliability across the business.

• Lead and evolve the organization’s information security strategy, ensuring protection of systems, infrastructure, products, and data across all environments.
• Assess and manage security risks across cloud platforms, applications, internal processes, and new initiatives, defining mitigation and action plans.
• Define, implement, and maintain security policies, standards, and procedures aligned with frameworks such as ISO 27001, NIST, LGPD, SOC 2, and OWASP.
• Drive security monitoring and incident response processes, including SIEM, WAF, IDS/IPS, EDR, and vulnerability management tools.
• Coordinate and support security incident investigations, simulations, and continuous improvement of response processes.
• Lead cloud security initiatives in AWS and/or OCI, ensuring secure architecture, access control, encryption, and automation best practices.
• Partner with DevOps and engineering teams to embed DevSecOps practices into CI/CD pipelines and product development cycles.
• Oversee Identity and Access Management (IAM), including MFA, SSO, RBAC, PAM, and periodic access reviews.
• Define and promote secure software development practices, including vulnerability analysis (SAST, DAST) and OWASP-based guidelines.
• Act as a technical reference for audits, RFPs, and client security assessments, supporting commercial and technical teams.
• Promote security awareness initiatives and contribute to the definition of the security roadmap aligned with business strategy.

• Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or related fields.
• Strong experience in Information Security, ideally in SaaS, PaaS, or cloud-native environments.
• Deep knowledge of security frameworks and standards such as ISO 27001, NIST, LGPD, SOC 2, and OWASP.
• Hands-on experience with cloud environments (AWS and/or Oracle Cloud Infrastructure), DevSecOps practices, and CI/CD pipelines.
• Experience with security tools such as SIEM, WAF, EDR, vulnerability management platforms, and PAM solutions.
• Proven experience in IAM governance, including access control, privileged access, and identity lifecycle management.
• Familiarity with security audits, client questionnaires, and external compliance assessments.
• Strong communication skills with the ability to engage both technical and non-technical stakeholders.
• Analytical mindset, structured thinking, and a strong focus on continuous improvement.
• (Nice to have) Certifications in information security and cloud technologies, and experience with ISO 27001 implementation.

• Meal and food allowances.
• Comprehensive medical and dental assistance plans.
• Wellhub access for fitness and wellness support.
• Mental health and telehealth support platforms.
• Home office allowance to support remote work setup.
• Birthday day off.
• Life insurance coverage.
• Partnerships with wellness and lifestyle institutions.
• Collaborative and people-focused work environment with strong emphasis on professional development.