A
Posted 13 hours ago
Senior Security Engineer
AvraSenior Security Engineer
Requirements
5+ years leading info security projects, ISO 27001 assessment experience, Cloud security (GCP and AWS), NIST, CIS, OWASP knowledge, DevSecOps methodologies, Secure development knowledge, LGPD/ANPD compliance experience
Skills
Cloud SecurityGCPAWSDevSecOpsISO 27001
About the role
About the Company
Avra is developing relational foundation models for corporate decision-making in Brazil. Our work focuses on native graph models for structured, high-impact forecasting problems such as credit, fraud, growth, and monitoring. We model companies, people, and their relationships as evolving networks, integrating these representations into existing decision systems for large corporate clients.
Responsibilities
- Develop and implement a strategic vision for information security aligned with business objectives
- Manage contracts, assets, and services related to the information security area
- Define information security standards and policies to protect assets and ensure business continuity
- Ensure regulatory compliance and adherence to market best practices
- Collaborate with technology teams to integrate security throughout the development lifecycle
- Analyze and handle security incidents, mapping threats and vulnerabilities
- Conduct risk management, threat modeling, and impact assessments for new products and features
- Lead training programs to develop a strong security culture within the company
- Support internal and external audits
- Monitor security KPIs and report program maturity to leadership
- Support the provision of ISMS information to clients and stakeholders
Requirements
- Over 5 years of experience leading information security projects, preferably in tech companies or startups
- Strategic, data-driven mindset focused on risk and business impact
- Experience conducting ISO 27001 assessments
- Solid knowledge of cloud security, specifically GCP and AWS
- Knowledge of security standards and frameworks such as NIST, CIS, ISO 27001, OWASP, and Application Security Testing (AST)
- Experience in secure development and security engineering
- Knowledge of DevSecOps methodologies and best practices
- Knowledge of code development
- Experience in critical scenarios and regulatory compliance (e.g., LGPD / ANPD)
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSenior Security Engineer
Avra · Sao Paulo
