Security Engineer

Security at TRACTIAN
In a data-driven company like TRACTIAN, Security is essential for protecting sensitive information and maintaining the integrity of our systems. This team implements rigorous security protocols, continuously monitors threats, and ensures compliance with industry standards to safeguard our data infrastructure. By securing data flows and preventing unauthorized access, the Data Security team plays a crucial role in protecting both our internal operations and the data we manage for clients.

What you'll do
As a Security Engineer, you will be responsible for safeguarding the company’s digital assets, ensuring that all systems, applications, and data are protected from vulnerabilities and threats. You will play a key role in designing and implementing security protocols, conducting risk assessments, and responding to incidents to protect the integrity of the organization’s infrastructure. The ideal candidate will have a strong foundation in security best practices and experience in identifying, mitigating, and responding to security issues across a variety of systems and platforms.

Responsibilities

• Design and implement secure, scalable, and highly available cloud-based solutions.
• Work closely with development teams to integrate security into the software development lifecycle, including code reviews, threat modeling, and vulnerability assessments.
• Develop and maintain continuous integration and delivery (CI/CD) processes and tools, ensuring that security practices are applied at every stage.
• Responsible for managing and maintaining advanced endpoint protection solutions, ensuring proactive threat detection, response, and mitigation across all systems and devices.
• Work with security tools, including SIEM, SAST, DAST and IAST, to monitor, detect, and respond to security incidents
• Responsible for improving and creating internal security policies, including vulnerability management and incident response procedures.
• Respond to remediate security incidents and vulnerabilities in a timely and effective manner.
• Stay current with emerging technologies and industry trends in DevOps, Security, and Software Engineering.

Requirements

• Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
• 4+ years of experience in Security Engineering.
• Background in cloud-based solutions, preferably using AWS, and cloud security.
• Familiarity with security tools, such as vulnerability scanners, intrusion detection systems, DAST and SIEM solutions.
• Excellent problem-solving skills and the ability to respond effectively to security incidents.
• Knowledge of best practices for securing cloud environments and managing access controls
• Knowledge of cloud services integration, digital certification, and security standards such as OAuth, OpenID Connect, and SSL/TLS.
• Proven experience with web application firewalls (WAF) and cloud security solutions, including platforms like Cloudflare or similar.
• Familiarity with legal compliance frameworks such as LGPD, GDPR, CCPA, ISO 27001, NIST 800-61, SANS and SOC 2.
• Intermediate English level (B2).