We are looking for an Information Security Architect to define and evolve secure architectures in strategic projects, digital products, and cloud environments.

What you will do

• Design and review solution, application, and integration architectures with a focus on security.
• Define principles, reference models, and mandatory guidelines for engineering and architecture teams.
• Evaluate patterns for microservices, APIs, messaging, events, storage and secure data processing.
• Collaborate with squads, corporate architecture, and platform teams on high-impact projects.
• Ensure that new products, services, and integrations adhere to security best practices.
• Assess risks and propose effective countermeasures during the conception and implementation phases.
• Develop and review architectures on AWS, Azure, or GCP, focusing on:
  • IAM, roles, policies, and governance
  • networks and secure segmentation
  • workload, container, Kubernetes, and serverless security
  • data protection, encryption, KMS, and HSM
• Conduct and lead threat modeling sessions for new products and critical functions.
• Identify attack surfaces, applicable TTPs, and mitigating controls.
• Document risks and present technical and executive recommendations.

What we are looking for

• Solid experience in security architecture.
• Experience with cloud computing and modern infrastructure environments.
• Ability to act as a consultant with technical teams and business stakeholders.
• Strong foundation in risk analysis, applied security, and solution design.
• Strategic vision, collaborative profile, and a focus on technical decision-making.

Differentials

• Experience with complex environments, integrations, and corporate platforms.
• Knowledge in microservices, APIs, messaging, and event-driven architecture.
• Experience with containerization, Kubernetes, and serverless.
• Experience with architecture documentation and executive presentation of risks.