Senior Information Security Analyst

Porto Alegre
Tech – IT & Security /
Full Time /
Hybrid
Welcome to KTO Group, where innovation drives excitement in iGaming. Founded in 2018 by Andreas Bardun, we’re transforming online gaming with a focus on transparency and player satisfaction.
At KTO.com, we blend the thrill of sports betting with online casino entertainment, tailored to local markets and powered by our proprietary platform for a seamless, personalized experience.
KTO is a rising leader in LATAM, proudly ranked among Brazil’s top 10 iGaming brands. Join us as we set new standards in trust, innovation, and the future of iGaming.

We are looking for an experienced and highly skilled Senior Information Security Analyst to join our IT & Security team. In this role, you will be responsible for leading efforts to protect our organization’s information systems from security threats and vulnerabilities. You will work closely with cross-functional teams to develop, implement, and monitor security measures that align with industry best practices and regulatory requirements. Your expertise will be crucial in safeguarding our digital assets and ensuring the integrity, confidentiality, and availability of our data.

MAIN RESPONSIBILITIES

    • Develop, implement, and maintain security strategies, policies, and procedures to protect the organization's data and IT assets.
    • Ensure alignment of security initiatives with the overall business objectives and regulatory requirements.
    • Lead the identification, assessment, and mitigation of security vulnerabilities within the organization's information systems.
    • Perform regular vulnerability assessments and penetration testing to uncover security weaknesses.
    • Perform regular risk assessments to evaluate the potential impact of security threats and determine appropriate risk management strategies.
    • Lead and coordinate the response to security incidents, including breach detection, investigation, containment, eradication, and recovery.
    • Conduct post-incident analysis and develop reports detailing the incident and preventive measures.
    • Oversee the continuous monitoring of network traffic, system logs, and security alerts to detect and respond to security threats in real-time.
    • Manage and optimize the deployment and configuration of security tools such as SASE, CASB, SIEM etc.
    • Ensure compliance with relevant security standards and regulations (e.g. LGPD, GDPR,  ISO 27001).
    • Prepare for and lead security audits, including the development of audit plans and the coordination of audit activities with internal and external stakeholders.
    • Develop and deliver security awareness programs and training sessions for employees, promoting best practices and reducing the risk of security breaches.
    • Advise on security risks and recommend appropriate measures to mitigate those risks across the organization.
    • Act as a key liaison between the IT department and other business units to ensure security measures are integrated into all areas of the organization.
    • Work closely with the legal and compliance teams to ensure that security practices meet legal and regulatory requirements.
    • Maintain detailed and up-to-date documentation of security policies, procedures, and incidents.
    • Prepare and present comprehensive reports on security metrics, incidents, and compliance status to senior management and other stakeholders.
    • Stay current with the latest security trends, threats, and technologies.
    • Identify opportunities for improving security processes and implement best practices to enhance the organization’s security posture.

EXPERIENCE & QUALIFICATIONS REQUIRED

    • Hands-on experience with infosec tools and platforms 
    • Demonstrated ability to develop and execute Infosec strategies 
    • Excellent leadership and team management skills, with a track record of building and leading high-performing teams.
    • Strong analytical and problem-solving skills, with a keen attention to detail.
    • Exceptional communication and stakeholder management abilities.
At KTO, diversity isn't just a buzzword – it's our strength. We're all about creating an inclusive environment where everyone feels valued and empowered. Together, we're not just working on projects – we're making a real impact in our communities. Join us in celebrating diversity and driving meaningful change!

Participation is prohibited for:
Individuals under 18 (eighteen) years of age;
Public agents with duties directly related to the regulation, control, and supervision of the activity within the federative entity in whose personnel framework they perform their duties;
- Persons who have or may have any influence on the outcome of a real event with a sports theme subject to fixed-odds lottery betting, including:
- Persons holding positions as sports directors, sports coaches, trainers, and members of the technical staff;
- Referees of sports, referee assistants, or equivalents, sports entrepreneurs, agents or representatives of athletes and coaches, coaches or members of the technical staff;
- Members of the administrative or supervisory body of entities responsible for organizing competitions or sporting events;
- Athletes participating in competitions organized by entities within the National Sports System;
Individuals diagnosed with gambling addiction, according to a diagnosis from a qualified mental health professional.