Information Security Analyst

What You’ll Do:

Compliance and Audit Support
• Provide assistance in conducting security and privacy audits aligned with standards such as ISO 27001, SOC 2 Type II, NIST 800-53, GDPR, LGPD, and others. Work closely with the Information Security Officer (ISO) and Data Protection Officer (DPO) to address audit findings, implement corrective measures, and maintain ongoing certification readiness. Collect and analyze compliance-related data from various systems and departments to support continuous improvement.
Vulnerability Management
• Identify, consolidate, and assess vulnerabilities across multiple environments. Prioritize remediation efforts and collaborate with IT teams to resolve issues efficiently. Monitor, track, and report on vulnerability trends and remediation statuses to maintain a strong security posture.
Security Operations
• Support IT teams in strengthening organizational security through the implementation and management of tools such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Mobile Device Management (MDM), and endpoint protection solutions. Perform log analysis and contribute to configuration management efforts to enhance visibility and control. Design and deliver security awareness and training programs to foster a security-conscious culture among employees.
Cross-Team Coordination
• Collaborate with teams across four distinct companies within Symplicity to harmonize security and privacy initiatives, accommodating varying technology stacks and cloud providers. Lead cross-functional coordination efforts to ensure consistent adherence to security policies and best practices.
Project Management (Preferred)
• Assist in managing security and compliance projects, ensuring timely delivery and alignment with strategic goals. Facilitate collaboration among teams and stakeholders to drive successful outcomes, even in complex or multi-entity environments.

What We’re Looking For:

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Advanced English
• Proficiency.2–4 years of experience in information security, compliance, or related roles.
• Familiarity with compliance frameworks like ISO 27001, SOC 2, NIST 800-53, GDPR, and LGPD.
• Experience with vulnerability management tools and practices.
• Knowledge of security technologies, including SSO, MFA, MDM, etc.
• Strong analytical skills, particularly in log analysis and configuration management.
• Excellent organizational and communication skills.
• Ability to collaborate effectively with diverse teams across multiple organizations.

Bonus Points for:

• Project management experience or certifications (e.g., PMP, CAPM).
• Experience in environments utilizing multiple cloud service providers (AWS, Azure, OCI).