Security Tech Lead

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Tech Lead in Brazil.

This Security Tech Lead role is a strategic and hands-on position responsible for driving the overall cybersecurity posture across cloud, applications, infrastructure, and product environments. You will lead security initiatives that ensure data protection, regulatory compliance, and resilient system architectures in a fast-evolving SaaS environment. Acting as a key technical reference, you will collaborate closely with engineering, DevOps, and product teams to embed security by design across the entire development lifecycle. The role combines governance, risk management, incident response, and technical implementation of security controls. You will also play a critical part in shaping security culture, improving maturity levels, and guiding decisions that impact architecture and risk prioritization. This is a high-impact leadership role at the intersection of technology, security, and business strategy.

Accountabilities:

• Lead security risk assessments across cloud environments, systems, applications, and internal processes, ensuring proactive identification and mitigation of vulnerabilities.
• Define, implement, and maintain information security policies, standards, and procedures aligned with frameworks such as ISO 27001, NIST, LGPD, SOC 2, and OWASP.
• Oversee security monitoring and incident response processes, including coordination of investigations, detection mechanisms, and post-incident improvements.
• Support implementation and evolution of security tools such as SIEM, WAF, IDS/IPS, EDR, DLP, and vulnerability management platforms.
• Drive DevSecOps practices by collaborating with engineering and DevOps teams to embed security into CI/CD pipelines and software development lifecycles.
• Ensure secure identity and access management practices, including MFA, SSO, RBAC, PAM, and periodic access reviews.
• Lead application security initiatives, including vulnerability assessments (SAST/DAST), penetration test analysis, and secure development practices.
• Act as the primary security reference for audits, RFPs, client assessments, and compliance documentation.
• Develop security roadmaps aligned with business strategy, contributing to architecture decisions and risk-based prioritization.
• Promote security awareness, training programs, and a strong security-first culture across the organization.

Requirements:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or related fields.
• Strong experience in Information Security roles within SaaS, PaaS, or cloud-native environments.
• Deep knowledge of security frameworks and standards such as ISO 27001, NIST, LGPD, SOC 2, and OWASP Top 10.
• Hands-on experience with cloud platforms (AWS and/or OCI), CI/CD pipelines, DevSecOps practices, and IAM governance.
• Experience with security tools such as SIEM, WAF, EDR, vulnerability management, and PAM solutions.
• Proven background in incident response, security monitoring, and risk management.
• Experience supporting external audits and responding to client security requirements and questionnaires.
• Strong analytical thinking with a structured and risk-oriented mindset.
• Excellent communication skills, with the ability to interact with both technical teams and business stakeholders.
• Certifications in cybersecurity or cloud security are considered a strong plus.

Benefits:

• Meal voucher and food allowance.
• Health insurance (SulAmérica) and dental plan (Care Plus).
• Home office support allowance.
• Wellness platforms and mental health support (Wellhub, Psicologia Viva, Conexa Saúde).
• Birthday day off.
• Life insurance coverage.
• Partnerships with SESC for cultural and leisure activities.
• Inclusive, collaborative, and people-centered work environment.
• Strong focus on professional development and continuous learning.

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1