About the role This position is an affirmative job for women. At our company, we firmly believe that diversity is the key to success. We are dedicated to fostering an inclusive atmosphere and actively seeking team members from a wide range of professional and cultural backgrounds. We are looking for a fully remote Security Analyst II who wants to work in a challenging environment with a global team, enhance our maturity as a group in the area of security, and develop and implement best technological practices in a demanding setting. What you will be doing: Continuously update and review information security policies and requirements, aligned with regulations, laws (such as LGPD and GDPR), and the company's adopted frameworks. Foster a culture of information security by organizing and conducting workshops and lectures for employees. Manage and monitor Endpoint Detection and Response (EDR) policies, ensuring protection against threats. Serve as the focal point for conducting and responding to external audits, actively collaborating to implement security practices across the Group. Oversee the end-to-end process of penetration testing (Pentest), ensuring deadlines and responsibilities are clearly defined and met. Conduct the process of security assessment and approval for external vendors, ensuring compliance with security requirements. Actively participate in incident response, tracking occurrences, coordinating resolutions, and generating detailed documentation and reports. Plan and execute corporate security campaigns, promoting best practices and awareness among employees. What you´ll need to succeed in this role: Experience in reviewing and implementing information security policies. Knowledge of LGPD and GDPR regulations. Ability to conduct workshops and lectures. Experience with EDR tools. Ability to manage external audits and pentest processes. Experience in vendor security assessment. Skills in incident response and report generation. Experience in information security campaigns. Knowledge of security frameworks (e.g., NIST, ISO 27001). Qualifications Information security certifications (e.g., CISSP, CISM, CEH). 3-5 years of experience in security/IT area Graduated in technologie area (Science Computer, IT, eg.) Advanced English Differentials: Hands on experience in improvement pipeline of security Experience in security deployment platforms Knowledge in PHP/Typescript and React Why choose SandBox Engage. Entertain. Educate. Sandbox Group is set to redefine learning through its portfolio of award-winning digital & physical products and services for kids, parents, and teachers. The business is focused on bringing families and educators the best experiences in a safe and fun environment, and hopes to create a world where everyone is empowered to learn! The team at Sandbox understands the time, discipline, and expertise needed to develop brilliant learning experiences. Over the next few years, their aim is to reach more kids, parents, and teachers across the world. They intend to build and diversify their current offering by bringing additional products and services into the Sandbox family, covering the core audiences; Pre-K, K-8 Kids, Parents, and Teachers. At our company, we firmly believe that diversity is the key to success. We are dedicated to fostering an inclusive atmosphere and actively seeking team members from a wide range of professional and cultural backgrounds. If you're eager to take on your next significant career opportunity, we eagerly await your application. To create amazing products and experiences, we rely on one brand divided into four verticals: Kids, Experiences, Gaming, and Learning.
