Please submit your resume in English.
To learn more about our team and office culture in São Paulo, Brazil, visit the following links.
Careers Page:
Glassdoor: ,7_IL[…]M_-C1lsxoZq7Cx8IriVE8MkrzuTmnJzqego77RAWZz9sqGt_55BflwYKpQeg
LinkedIn:
The Opportunity
Join our Information Security team as the person responsible for the safety of our cloud-native environments. As a Cloud Security Engineer, your mission is to protect the privacy and integrity of our data by treating security as code. You'll work proactively with our IT and R&D teams to help them operate securely using automation and cutting-edge tools. If you have a solid foundation in the cloud, love the "detective work" of digging into alerts in a tool like Wiz, and take pride in building resilient systems, you'll fit right in.What You'll Do
* Architect Secure Systems: Collaborate with engineering teams to design and build cloud-native applications and infrastructure that are secure by default.
* Automated Triage: Use CSPM tools (like Wiz) to discover cloud security findings and provide clear, practical guidance to teams on how to remediate those risks.
* Manage Modern Tooling: Implement and oversee Cloud Security Posture Management (CSPM) to ensure we have 100% visibility across our cloud footprint.
* Monitor & Detect: Create new security alerts and dashboards within our infosec stack and perform threat hunting across log feeds to identify emerging risks.
* Respond to Incidents: Monitor for security incidents and lead the investigation and root cause analysis to ensure we don't just fix a problem, but prevent it from returning.
* Secure the Pipeline: Conduct security reviews and automated vulnerability scans across our cloud environments and CI/CD pipelines.
* Document & Standardize: Create and maintain infosec policies, procedures, and runbooks that document our best practices and security principles.
What You Bring
You're a cloud-native engineer who prefers automation over manual configuration. You are analytical, stay calm when investigating alerts, and enjoy the challenge of learning a complex environment from the inside out.
* Cloud Foundation: Hands-on experience working within AWS or other cloud environments and a strong understanding of cloud-native security principles.
* Infrastructure as Code: Experience with Terraform or similar tools to manage and secure infrastructure.
* Analytical Detective: You genuinely enjoy digging into cloud alerts (CSPM) to find the "needle in the haystack" and identifying the root cause of vulnerabilities.
* Technical Proficiency: Experience with automated vulnerability scanning and monitoring for security incidents across log feeds.
* Clear Communicator: You can explain technical risks in a way that helps developers take action and can document clear policies for the team.
* Continuous Learner: You stay informed on the latest vulnerabilities and are excited to apply modern security practices to a growing environment.
Bonus points if you have:
* Experience securing CI/CD pipelines.
* A background in the cybersecurity or SaaS industry.
* Familiarity with creating custom dashboards for proactive threat hunting.
Why You'll Love It Here
* Engineering-First Security Culture: We focus on automating the small things so you can spend your time on high-impact security architecture and threat hunting using cutting-edge tools.
* Remote Flexibility: This is a fully remote role, giving you the autonomy to secure our environments from wherever you work best.
* Real Impact: You'll have a direct hand in the architecture and safety of a platform that millions of users rely on every day.
* Focus on Growth: We support your development through tuition reimbursement and bonuses for obtaining relevant security certifications as you grow with the team.