Ativa os alertas de emprego por e-mail!

Application Security Engineer | Senior Associate [tag01]

PwC Brasil

Barueri

Presencial

BRL 80.000 - 120.000

Tempo integral

Há 5 dias

Torna-te num dos primeiros candidatos

Melhora as tuas possibilidades de ir a entrevistas

Cria um currículo adaptado à oferta de emprego para teres uma taxa de sucesso superior.

Resumo da oferta

A leading company is seeking a skilled professional in information security to join their team. The role involves assessing compliance with security standards, conducting vulnerability assessments, and collaborating with teams to mitigate risks. Ideal candidates will have a strong technical background and excellent communication skills, with opportunities for growth in a global environment.

Qualificações

Experience in information security and IT management.
Advanced English for conversation.

Responsabilidades

Conduct analysis of penetration testing reports to identify vulnerabilities.
Perform detailed vulnerability assessments and prioritize weaknesses.
Prepare reports summarizing findings of assessments.

Conhecimentos

Communication

Stakeholder Management

Risk Evaluation

Continuous Improvement

Formação académica

Bachelor’s degree in IT

Bachelor’s degree in IS

Bachelor’s degree in Risk and Compliance

Job Description & Summary

The GTSEC organization is seeking a skilled and experienced professional to join our organization. The role will be responsible for working with vendors and application development teams to assess compliance with the firm's Information Security standards via application security review programs to ensure the confidentiality, integrity, and availability of our organization's information assets and reduce the possibility of information breaches. The ideal candidate will possess a strong technical background, risk-based mindset, planning expertise, and exceptional relationship-building skills.

If you are seeking an exciting career with the scope to grow your cybersecurity expertise through major change on a global scale, then GTSEC will empower you to do so. Our mission protects 375,000 PwC members across 152 member firms worldwide as well as our global clients.

You'll work from day one as part of an international team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

Experience progressively responsible roles in information security and/or IT management.
Penetration Test Report Analysis:

Conduct thorough analysis and interpretation of penetration testing reports to identify security vulnerabilities.
Evaluate the severity and potential impact of identified vulnerabilities on the organization's security posture.

Vulnerability Assessment:

Perform detailed vulnerability assessments to detect and prioritize security weaknesses.
Utilize various tools and methodologies to ensure comprehensive coverage of potential threats.

Risk Evaluation:

Assess the risk associated with identified vulnerabilities and provide actionable recommendations to mitigate these risks.
Collaborate with cross-functional teams to develop and implement effective remediation strategies.

Documentation and Reporting:

Prepare clear and concise reports summarizing the findings of vulnerability assessments and penetration tests.
Ensure documentation is accurate, comprehensive, and accessible to relevant stakeholders.

Continuous Improvement:

Stay updated with the latest security trends, vulnerabilities, and threat landscapes.
Contribute to the continuous improvement of vulnerability management processes and practices.

Communication and Collaboration:

Work closely with internal teams and external partners to ensure a coordinated approach to vulnerability management.
Provide expert guidance and support to stakeholders in understanding and addressing security vulnerabilities.

Compliance and Standards:

Ensure all activities comply with relevant security standards, regulations, and best practices.
Support the organization in maintaining a robust security posture and achieving compliance objectives.

Training and Awareness:

Assist in developing and delivering training programs to raise awareness of security vulnerabilities and best practices among employees.
Promote a culture of security awareness across the organization.

Demonstrable experience in stakeholder management, including influencing others through leadership interactions across a broad structure to build and maintain relationships across a network to effectively deliver security activities;

Proven success in supporting and/or coordinating Information Security Governance to reduce repeat findings and improve processes;

Developing team-building skills that foster an inclusive and collaborative environment for stakeholders and team members;

Excellent communication, facilitation, and presentation skills suitable for all levels of audiences, including internal staff and management;

Knowledge of Network Information Security concepts, principles, and standards, especially in large enterprise environments, preferably for a multinational or global firm.

Graduation

Bachelor’s degree in IT, IS, or Risk and Compliance related fields. Industry certifications are a plus.

Language

Advanced English for conversation.

#LI-DNI

We unite expertise and tech so you can outthink, outpace, and outperform.

Obtém a tua avaliação gratuita e confidencial do currículo.

ou arrasta um ficheiro em formato PDF, DOC, DOCX, ODT ou PAGES até 5 MB.

Ofertas semelhantes