Cybersecurity Architecture Specialist

All qualified candidates will be considered for this position without regard to ethnicity, religion, sexual orientation, gender identity, age, nationality, or disability. We constantly promote a culture of inclusion and diversity, encouraging our employees to contribute their best. Our most precious asset is our people, and Unicred do Brasil promotes equal opportunities for all.

Our work model at Unicred is hybrid, requiring in-person attendance two days a week at our headquarters. Currently, our headquarters are located in Porto Alegre and São Paulo, featuring multifunctional environments that promote interaction, experience exchange, and collaboration. We also offer remote/home office positions for professionals residing in other regions of Brazil. We focus on inspiring experiences for a journey of growth and innovation.

Do you identify with this? Come cooperate with us!

Responsibilities and Duties

• Lead the definition and implementation of secure architectures in on-premises, cloud, and hybrid environments.
• Translate business requirements into secure, scalable solutions that adhere to market standards and regulations.
• Support leadership with technical data for strategic decisions and security investments.
• Develop technical documentation, architecture diagrams, and security reference standards.
• Act as a technical mentor, promoting team evolution and disseminating best practices.
• Ensure compliance with internal regulations, regulatory standards (BACEN, CVM, LGPD, NIST, ISO, etc.), and security frameworks.
• Evaluate technical risks and impacts, ensuring resilience, continuity, and high availability in solutions.
• Conduct threat modeling sessions and risk analysis with product, development, and infrastructure teams.
• Perform technical assessments of environments, mapping gaps, vulnerabilities, and opportunities for improvement in architecture and security controls.
• Support incident response and forensics initiatives with architectural vision and structural recommendations to prevent recurrence.
• Define network protections for API gateways, including WAFs with token validation, mutual TLS, and rate limiting.
• Contribute to corporate architecture development by incorporating security principles from the design phase.
• Design secure architectures for digital journeys, including login, authentication, password recovery, onboarding, and sensitive transactions.
• Define technical security and anti-fraud requirements for digital channels (apps, internet banking, public APIs), balancing member experience and risk.
• Map exposure points and architectural weaknesses to propose structural and systemic countermeasures against fraud.
• Define architectures with perimeter controls, microsegmentation, and Zero Trust Network Access (ZTNA) to prevent lateral movement.

Requirements and Qualifications

• Experience defining secure cloud architectures (AWS, Azure, GCP), including design, implementation, automation, and compliance.
• Knowledge of secure architecture for Windows, Linux, and Unix systems, focusing on hardening, access control, and resilience.
• Ability to design Zero Trust environments with microsegmentation, continuous authentication, and total visibility.
• Integration of security into CI/CD pipelines using validation tools and security testing.
• Experience conducting threat modeling to anticipate risks and define architectural countermeasures.
• Ability to design secure architectures for REST/GraphQL APIs with authentication, authorization, and abuse control (rate limit, WAF).
• Knowledge of secure architecture for Docker, Kubernetes, and OpenShift, focusing on RBAC, Network Policies, and hardening.
• Definition of security requirements for mobile apps and IoT devices (e.g., authentication, encryption, secure updates).
• Deep knowledge of IAM, including provisioning, authentication, authorization, SSO, MFA, and protocols like SAML, OAuth2, OIDC, LDAP, and Kerberos.
• Advanced knowledge of languages such as Java, Node.js, PHP, Swift, and Kotlin, including vulnerability analysis and dependency management.
• Analytical capacity for problem-solving and decision-making.
• Assertive, empathetic, and non-violent communication skills.
• Ability to foster an environment of innovation and collaboration.
• Planning and execution of tasks aligned with strategic objectives.
• Ability to lead technical teams by example as a technical reference.
• Proactivity and rapid adaptation to changes.
• Strategic vision to align technology with business goals.
• Proven experience in solution architecture and project implementation in specialized areas.
• Certifications such as CISSP, ISSAP, CCSP, SABSA, TOGAF, CISM, AWS Security, Azure SC-100, OSCP, or OSWE.
• Strong communication and collaboration skills for working with diverse teams and stakeholders under pressure.
• Knowledge and practice in project management and agile methodologies.
• Proficiency in English and Spanish for reading, writing, and conversation.

Additional Information

Our Benefits

Caring for people is at the center of our actions. Our benefits promote well-being, balance, and quality of life inside and outside of work.

Caring for your daily life

• Food and meal vouchers.
• Home office and hybrid allowance: Monthly cost assistance.
• Daycare and nanny reimbursement: Monthly reimbursement for childcare expenses.
• Mobility allowance: Assistance for transportation costs.

Caring for your future

• Profit Sharing (PPR): Strategic remuneration based on Unicred's results.
• Business life insurance: Financial protection and peace of mind.
• Private pension: Planning for a secure future with company co-participation.

Caring for your health

• Medical assistance: Access to hospital care for you and your dependents.
• Dental assistance: Care for you and your dependents.

Caring for your well-being

• English Pass: Digital platform for English language development.
• Wellhub (Gympass): Access to gyms and studios nationwide.
• Zenklub: Platform with psychologists and self-development content.
• Christmas basket: For special holiday moments.
• Day off on your birthday: A day to celebrate your special day.
• Day off on your children's birthday: A day to celebrate with family.

Extended parental leaves

• Maternity leave: 180 days (six months).
• Paternity leave: 20 days.

Exclusive premises for Unicred employees:

• Meet minimum vacancy requirements before applying.
• Communicate with your leadership before formalizing your application.
• Mark the "internal employee" option on Gupy.
• Respect minimum admission times: Unicred do Brasil (6 months), Regional Core Connection (6 months), Multi-regional Regional Core (6 months within same CNPJ/1 year for others), Generation Regional Core (6 months within same CNPJ/1 year for others).

We are a leading cooperative financial institution in Brazil with over 35 years of history, dedicated to bringing prosperity and collaboration to our members. We value the potential, ideas, and skills of every individual. Since November 1, 2024, the Unicred System has operated under a two-level organizational structure, supporting over 4,300 employees, 330,000 members, and 25 cooperatives across approximately 380 business units.