IT Security Engineer M/F

Company Details
DLA Pharma is a Septodont Group company, a world leader in the manufacture of injectable anesthetics for dentistry. Located in the city of Catanduva (SP), it is one of the largest dental anesthetic factories in Latin America.

The Septodont Group has been on the market for 90 years, able to meet the needs of the dental sector with products for pain control, endodontics, restorative dentistry, infection control and much more. It employs more than 1900 people and has six production units in various parts of the world, two in Brazil, two in France, one in North America and one in India, as well as an international distribution network dedicated to meeting the needs of dental professionals in more than 150 countries.

Job Summary
The IT Security Engineer is enthusiastic about cybersecurity, understanding the business ecosystem, and committed to implementing robust security measures and technologies. They actively engage in protecting the organization's information assets and critical data from cyber attacks and risks, ensuring the security and integrity of digital projects, initiatives and processes.

The IT Securty Engineer is responsible for implementing, managing, and monitoring security measures to protect the organization's information systems and networks. This role involves hands-on technical work to ensure the security systems are effective and up-to-date, responding to security incidents, and maintaining the overall security posture of the organization.

Responsibilities
Design and Implementation Activities

• Develops, implements and maintains security solutions that enable the enterprise to protect its information assets and capabilities, ensuring alignment with business, technology, and threat drivers.
• Develops and executes security plans based on established security practices and frameworks.
• Creates and updates security documentation (e.g., configurations, procedures, standards) to leverage security capabilities in projects and operations.
• Collaborates with IT Infrastructure & Operations to establish and maintain baseline security configuration standards for operating systems (e.g., OS hardening), applications, networking, identity and access management (IAM), mobile devices, cloud environments, AI/ML services and cybersecurity platforms.
• Drafts and implements security procedures and standards, ensuring they are reviewed and approved by IT management.
• Monitors developments and changes in the digital business and threat environments to ensure they are adequately addressed in security plans and the implementation of security controls.
• Validates IT and OT infrastructure for security best practices and recommends changes to enhance security and reduce risks where applicable.
• Assesses security configurations and access to security infrastructure tools, including firewalls, SASE platform, Email Security Gateways, XDR, MDR, SIEM, and cloud environments.
• Conducts or facilitates threat modeling of services and applications to identify and mitigate risks associated with the service or application.
• Supports the development and implementation of IT security controls to protect the organization's information assets.
• Reviews security technologies, tools and services, and makes recommendations to the broader IT team for their use, based on risk and operational metrics.

Collaboration

• Works with business teams to conduct security assessments of existing and prospective vendors and services, including:
• Information systems used to process critical and strategic business data.
• Web applications.
• Cloud solution providers (IaaS, PaaS, SaaS).
• Business process outsourcing (BPOs).
• Managed service providers (MSPs).
• Partners with IT Infrastructure & Operations (I&O) to ensure security by design in infrastructure and applications, collaborating on maintaining security platforms, applications, and controls.
• Evaluates statements of work (SOWs) for vendors and service providers to ensure that adequate security protections and controls are in place.
• Collaborates with other IT members to share best practices and insights, fostering a culture of continuous improvement in cybersecurity.
• Participates in application, operations and infrastructure projects to provide security by design advice.

Qualifications
Business-Related Skills
The IT Security Engineer should share insights with the IT team and other business units. Key skills include:

Technical planning:
Interpret business, technology, and threat drivers to develop security solutions.

Communication:
Translate complex security issues into business terms for colleagues, presenting analyses in person and in writing. Full professional proficiency in English is required.

Financial analysis:
Evaluate security technologies, assess financial costs, quantify purchasing and licensing options, estimate labor costs, and calculate total cost of ownership (TCO), Return on Investment (ROI), or payback period.

Project management:
Draft project plans and coordinate with stakeholders for security services and technology implementations.

Technical-Related Skills:

• Hands-on experience managing security infrastructure: firewalls, intrusion prevention systems (IPSs), endpoint and extended detection and response (EDR/XDR), Security Information and Event Management (SIEM), and log management technologies.
• Hands-on experience with vulnerability management processes and tools.
• Experience with threat modeling methodologies to identify and mitigate risks in new applications and services.
• Experience implementing and managing security in public cloud services, primarily Microsoft Azure.

Full-Stack IT Infrastructure Knowledge:

• Applications: Understanding of application security principles and practices.
• Databases: Knowledge of database security.
• Operating Systems: Proficiency in Windows server and workstation versions (mandatory) and Linux (desirable).
• Hypervisors: Experience in securing virtualization technologies.
• Networks: Knowledge of WAN, LAN, SASE security practices.
• Backup Solutions: Experience with backup solutions, especially Veeam.

Identity and Access Management (IAM):

• Experience with Windows Active Directory and Azure Entra ID.
• Knowledge of Privileged Access Management (PAM) and Privileged Identity Management (PIM) solutions.

IT Service Management:

• Change Management: Understanding of processes to manage changes in IT services.
• Configuration Management: Knowledge of maintaining information about configuration items required to deliver IT services.
• Asset Management: Experience in managing IT assets to ensure they are secure.
• Incident Management: Skills in managing and resolving incidents to restore normal service operation.
• Problem Management: Ability to identify and manage the root causes of incidents.

Knowledge of Cybersecurity Frameworks: Familiarity with frameworks like NIST Cybersecurity Framework (CSF) and ISO 27001.

Collaboration Tools: Knowledgeable in Microsoft 365 collaboration tools.

Cybersecurity certifications are considered a plus:

• ISACA CISM.
• ISC2 CISSP.
• Microsoft Cybersecurity Architect Expert - SC100.

Contract type
Permanent