Cyber Security Analyst handling SOC, SIEM, and incident response for multiple sites. Analyzing incidents and improving security resilience in a hybrid working environment.
CS
Hybrid Mid-level Information Security Analyst, Focus on IAM
Posted 3 months ago
About the role
- Analista de Segurança da Informação focusing on IAM at Cruzeiro do Sul Educacional. Responsible for strengthening IAM processes and compliance.
Responsibilities
- Act as a leading figure in the design and evolution of IAM processes, proposing improvements that increase operational efficiency and robustness.
- Ensure evidence, controls, and responses for audits and regulatory bodies, meeting deadlines and delivering high-quality results.
- Create and standardize documentation, internal procedures, templates, and workflows, bringing organization and governance to the team.
- Develop and maintain effective internal controls capable of anticipating risks and ensuring compliance.
- Collaborate with internal teams and external partners to improve processes, integrations, and automations.
- Prepare and maintain operational procedures, standards, and IAM documentation (runbooks, playbooks, manuals, process diagrams, etc.).
- Execute and enhance internal controls, ensuring traceability, evidence, and compliance with policies and regulations.
- Support internal/external audit responses and communications with regulatory bodies, including preparing replies, submitting evidence, and tracking action plans.
- Support the identity lifecycle (Joiners, Movers, Leavers), ensuring adherence to access policies.
- Advise internal teams on implementing security best practices related to identities and access.
- Monitor metrics, access reports, exceptions, and team indicators, suggesting continuous improvements.
- Collaborate on automation initiatives, process reviews, and implementation of new controls.
- Identify access-related security gaps and propose mitigations and structural improvements.
- Participate in the development and evolution of access models and standards (RBAC, SoD, periodic reviews, etc.).
Requirements
- Solid knowledge of IAM controls and governance
- Access policies and standards
- Audit and compliance practices
- Preparation of technical and procedural documentation
- Experience responding to audits, regulatory requests, or certifications (e.g., ISO 27001, NIST, LGPD)
- Knowledge of IAM tools (e.g., SailPoint, Azure AD, CyberArk, or similar)
- Strong written and verbal communication skills, with the ability to produce clear and robust documentation
- Security certifications (e.g., ISO 27001 Lead Implementer/Lead Auditor, CompTIA Security+, CSF, ITIL, IDPro)
- Experience with SailPoint IdentityNow or other SaaS IAM platforms
- Experience with automations using scripting (Python, PowerShell, or GAS)
- Knowledge of RBAC, ABAC, SoD, and segregation of duties in corporate environments
- Experience implementing or reviewing periodic access review processes (Access Review)
- Familiarity with audit requirements in regulated industries (education, financial, telecom, healthcare, etc.)
Benefits
- Health insurance
- Dental insurance
- Meal allowance
- Transportation allowance
- Pharmacy benefit
- Total Pass
- Full tuition scholarship (Undergraduate or Graduate — after 3 months of employment)
- Life insurance
- Birthday day off
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Regulatory Compliance Analyst managing compliance programs across multiple frameworks for a fintech startup. Driving operational adherence and building a proactive compliance culture within the team.
Information Security Analyst designing and reviewing security architectures at Bellinati Perez. Collaborating on cloud environments and implementing security measures for projects.
Security Analyst managing and validating AI - driven investigations into cybersecurity threats. Collaborating with engineering and product teams to enhance security monitoring capabilities.
Information Security Analyst overseeing security tools and incident responses. Engaging in corporate security initiatives within a technological framework.
Cyber Security Analyst role supporting USAF Cloud One Architecture and common shared services contract. Involves compliance monitoring, incident response, and collaboration with cybersecurity teams.
Senior Cyber Security Analyst at GDIT identifying and mitigating cyber threats while ensuring compliance with NIST and ISO standards. Involves oversight of security controls and enterprise risk assessments.
Junior Information Security Analyst focusing on identity and access management at Evertec. Supporting operational activities and collaborating with IT and security teams in a hybrid setting.
Senior Cybersecurity Engineer at 3CON responsible for detection and response engineering in Brazilian pharmaceutical retail. Collaborating with teams and improving security controls continuously.
Lead Security Analyst managing operational guidance and analytical oversight for security across crisis regions. Collaborating for timely decision - making and information delivery to clients in the field.