Cybersecurity Architect, Brazil

We are tech transformation specialists, uniting human expertise with AI to create scalable tech solutions.With over 8,000 CI&Ters around the world, we’ve built partnerships with more than 1,000 clients during our 30 years of history. Artificial Intelligence is our reality.

About the Role

We are looking for a Cybersecurity Architect to join a large-scale cloud platform transformation initiative. This role will be responsible for assessing the current security posture, identifying critical gaps, and embedding enterprise security standards into a federated platform engineering model from day one. You will work closely with platform and product teams to ensure security is built into the foundation of the new operating model while enabling self-service and team autonomy.

The role requires advanced or fluent English to collaborate with distributed teams across the US, Brazil, London, and India, as well as availability to travel to London for periodic on-site engagements.

Responsibilities:-

Assess the current cloud and infrastructure security posture across AWS environments, Kubernetes platforms, and supporting services

Identify critical gaps and define a prioritized roadmap for improving security maturity across identity, runtime, network, and platform layers

Define and implement enterprise security controls across IAM governance, workload/runtime posture, and DNS security

Embed security guardrails, standards, and policies into the Platform Engineering and Cloud Center of Excellence (CoE) frameworks from the beginning of the transformation

Partner with platform teams to design secure-by-default self-service infrastructure patterns, templates, and workflows

Establish identity and access governance models including account strategy, role design, least-privilege policies, and federated access

Design and implement security standards for Kubernetes and containerized workloads, including supply chain security, workload isolation, and runtime protection

Define DNS and network security practices, including private networking, segmentation, service discovery, and threat protection

Collaborate with DevSecOps teams to integrate automated security testing, policy enforcement, and compliance checks into CI/CD pipelines

Support the creation of security observability, monitoring, incident response, and threat detection capabilities across the platform

Provide security leadership and mentoring to engineering teams to promote security ownership and best practices

Support organizational change management and stakeholder alignment to ensure security adoption across teams

Continuously evolve the security framework as the platform and operating model mature

  Requirements for this challenge:

Strong years of experience in cybersecurity, cloud security, or platform security roles

Deep expertise in AWS security, including IAM, Organizations, SCPs, GuardDuty, Security Hub, CloudTrail, KMS, and networking security

Strong experience securing Kubernetes environments, particularly Amazon EKS, including workload identity, network policies, secrets management, and runtime security

Experience designing and implementing enterprise IAM governance and access control models

Hands-on experience with DevSecOps practices and integrating security into CI/CD pipelines

Strong understanding of cloud networking, DNS security, and zero-trust architectures

Experience building security guardrails and policy-as-code using tools such as Terraform, OPA, or similar technologies

Experience performing security posture assessments, threat modeling, and risk prioritization

Strong strategic thinking with the ability to balance security, developer experience, and delivery speed

Excellent communication and stakeholder management skills across technical and executive audiences

Experience working in distributed, international teams in complex and fast-changing environments

    #LI-LO1  
Our benefits:
-Health and dental insurance-Meal and food allowance-Childcare assistance-Extended paternity leave-Partnership with gyms and health and wellness professionals via Wellhub (Gympass) TotalPass;-Profit Sharing and Results Participation (PLR);-Life insurance-Continuous learning platform (CI&T University);-Discount club-Free online platform dedicated to physical, mental, and overall well-being-Pregnancy and responsible parenting course-Partnerships with online learning platforms-Language learning platformAnd many more!
More details about our benefits here: https://ciandt.com/br/pt-br/carreiras
At CI&T, inclusion starts at the first contact. If you are a person with a disability, it is important to present your assessment during the selection process. See which data needs to be included in the report by clicking here.This way, we can ensure the support and accommodations that you deserve. If you do not yet have the assessment, don't worry: we can support you in obtaining it.
We have a dedicated Health and Well-being team, inclusion specialists, and affinity groups who will be with you at every stage. Count on us to make this journey side by side.