We are looking for a senior cybersecurity specialist to lead the data protection strategy, application security, and regulatory compliance. You will be the technical reference for implementing security architecture in high-scale environments, ensuring the integrity of our products.

Requirements:

• Cloud Security Architecture: Experience in designing and implementing cybersecurity controls aligned with the business; Implementation and management of security pipelines with SAST, DAST, and SCA practices; Mastery of concepts such as Zero Trust, Service Mesh, and network security for traffic control/security between microservices.
• Process Mapping: Ability to analyze corporate workflows and identify information security vulnerabilities.
• Risk Management (Qualitative/Quantitative): Proficiency in techniques for identifying, qualitatively/quantitatively assessing, and prioritizing risks.
• Financial Software Security: Solid experience with security architectures geared toward the financial market (e.g., API protection, encryption, PCI-DSS, Central Bank regulations, etc.).
• Governance, Risk, and Compliance: Structuring the security area, defining policies, and practical application of LGPD (General Data Protection Law) in distributed and multicloud architectures.
• Resilience & Crisis Management: Precise, calm, and effective action in responding to critical incidents, exposed vulnerabilities, and data breaches.
• Cross-functional Collaboration & Diplomacy: Ability to negotiate security priorities with Product and Engineering teams without blocking business deliveries.
• Leadership and Continuous Development: Disseminate a culture of Cybersecurity within development teams, raising the company's technical bar.

You will stand out if you have:

• Experience with HIPAA (Health Insurance Portability and Accountability Act)
• Governance for AI usage
• Experience in incident response and cyber resilience against automated attacks
• Experience in designing defenses and mitigating cyber threats enhanced by AI (AI-driven threats) and Adversarial Machine Learning techniques.
• Knowledge of compliance automation tools (Policy as Code).
• Experience with TPRM (third-party risk management)
• Experience with Risk Management Frameworks (NIST Cybersecurity Framework, NIST SP 800-30, ISO 27001, ISO 27002, PCI-DSS, SOC 2 Type II)
• Data-driven decision-making experience

Benefits:

• 13th salary
• 14th salary based on performance and goals
• Paid leave

Contract Model - Hybrid

Employment Type - Full-time

Industry - Financial Services

About MedSimples

MedSimples arrived to simplify the financial life of healthcare professionals and payers. With transparency, security, efficiency, and cutting-edge technology, we create value for our clients by offering management tools and services that help facilitate your day-to-day. We are leaders in digital transformation in the healthcare sector.

Our solutions include schedule and payment management, collection and validation of invoices, clinic and professional accreditation, electronic health records oriented toward clinical protocols, and AI solutions for evidence-based medicine.

If you are someone who seeks to be in an environment of growth, innovation, and collaboration, come join our team! You will have the opportunity to work as a Senior Cybersecurity Analyst on the technology team.

Come build a successful career with us, submit your application, and come make a difference!

💙 MedSimples: the best network for efficiency in healthcare in Brazil 💙