IT and Information Security Coordinator

About Tenchi 

Tenchi is a Cyber Security company that is building innovative technology focused on Third-Party Cyber Risk Management for businesses. Founded by serial entrepreneurs and backed by a solid group of Institutional Investors, we seek to disrupt this rapidly growing industry. 

Our company is 100% remote and our team is spread across the globe, including Brazil, US, Canada, Argentina, and Spain. We strive to get the best professionals in the field so our team can build an amazing product focused on our client's needs.

Technology and Security, especially Cloud Security, are what define our products and DNA. We seek people with a passion for what they do and who believe that Security is essential to everything. We hire people of all kinds from diverse backgrounds. What unites them is passion.

About the Role
As an IT and Information Security Coordinator, you will play a key role in managing our IT infrastructure while strengthening the company's security posture and regulatory compliance. This position requires deep technical knowledge and hands-on experience in systems, user support, and cloud security practices. You will also collaborate on Governance, Risk, and Compliance (GRC) initiatives and ensure our environment aligns with leading security frameworks, and provide assurance of that compliance to our enterprise customers.

Key Responsibilities:

• Provide technical support to internal users, identifying and resolving complex IT and security-related issues.
• Manage and configure IT assets and ensure secure and compliant environments.
• Oversee identity and access management, including user provisioning, de-provisioning, and enforcement of least privilege principles.
• Administer and configure endpoint protection tools, antivirus, patch management systems, and Mobile Device Management (MDM) solutions.
• Support the implementation and maintenance of internal IT and security procedures and documentation.
• Collaborate with the security and compliance teams in conducting risk assessments, internal audits, and implementing GRC controls aligned with privacy and other applicable legislation and the CIS Critical Security Controls framework

• Ensure best practices are followed in day-to-day operations regarding systems, access, and incident response.
• Keep up with industry trends and threats to advise on improvements and preventive measures.
• Educate employees on security policies, awareness, and safe practices.
• Administer AWS environments and apply best security practices, including provisioning access and permissions, implement security features, monitoring and investigating suspicious activities.
• Collaborate with the engineering team to improve the security of CI/CD pipelines, assist in remediating vulnerabilities, and perform security reviews of changes involving Infrastructure as Code (IaC).
• Assist clients in implementing and maintaining SSO integrations.
• Collaborate on strategic planning for the department in alignment with business needs, utilizing OKRs, roadmaps, business plans, and budget planning.

Requirements

• Proven experience with Windows and Unix-like operating systems.
• Strong background in providing technical support to end users.
• Experience with access management processes, including provisioning and revoking access securely.
• Strong background with Google Workspace and Slack administration from a security perspective.
• Hands-on experience configuring and managing antivirus software, patch management systems, and MDM tools.
• Knowledge of cloud platforms, especially AWS, and how to secure workloads in these environments.
• Understanding of information security best practices and security frameworks, in particular CIS Critical Security Controls and privacy legislation like LGPD and GDPR..
• Proven experience with CI/CD pipelines, SAST/DAST tools, Git, and Infrastructure as Code (IaC).
• Knowledge of authentication protocols such as SAML, OpenID, and OAuth2, with hands-on experience configuring SSO integrations.
• Comfortable writing clear procedures, internal policies, and emails/documentation in English.
• Spoken Portuguese and English fluency is mandatory and will be used daily to interact with team members, partners and vendors in several countries.

Benefits

• We foster a welcoming and collaborative environment where people can grow, share knowledge, and continuously improve.
• We believe in hands-on learning and provide access to development tools, encouraging participation in scientific publications, conferences, and workshops relevant to our expertise.
• We offer a competitive compensation package and the flexibility to work from anywhere in the world, allowing you to balance work and life in a way that suits you best.