At Avenue Code, we are passionate about transforming businesses through technology. We are a leading end-to-end development consultancy for digital transformation across various markets, growing sustainably since day one. We believe that great results are born from strong relationships. Our team combines technical expertise, collaboration, and a welcoming approach to work that makes all the difference.About The OpportunityWe are looking for an IT Security & Cybersecurity Specialist (PCI DSS) to help strengthen and continuously improve the protection of critical information assets. In this role, you will support the implementation, monitoring, and enhancement of cybersecurity controls while ensuring the confidentiality, integrity, and availability of systems and data. A key focus of the position is supporting and maintaining PCI DSS compliance for environments that process, transmit, or store cardholder data.Responsibilities:Implement, monitor, and continuously improve security controls aligned with frameworks such as ISO 27001, NIST, and PCI DSS.Assist in vulnerability analysis, coordinate remediation efforts, and follow up on internal and external security scans.Participate in cybersecurity incident response, supporting investigation, containment, and resolution activities.Administer and manage security technologies, including SIEM, EDR/XDR, WAF, DLP, IAM, CSPM, firewalls, and endpoint protection tools.Develop and maintain security policies, procedures, and operational guidelines.Support hardening initiatives for servers, databases, and applications.Conduct technology risk assessments and define mitigation plans to reduce exposure.Maintain compliance with PCI DSS requirements in environments handling cardholder data.Manage documentation, compliance matrices, evidence collection, and audit reports required for assessments.Support penetration testing, ASV scans, and PCI-mandated security validations.Define and implement compensating controls when applicable.Maintain asset inventories, network segmentation documentation, and data flow mapping for PCI environments.Promote secure development and operational practices through internal awareness and training initiatives.Required QualificationsStrong knowledge of Information Security and Cybersecurity practices, including defensive and offensive security approaches.Proven experience working with PCI DSS standards (v3.2.1 or 4.0).Hands-on experience with security tools such as SIEM platforms (Splunk, QRadar, Elastic), firewalls, WAF, DLP, and EDR/XDR solutions.Solid understanding of network architectures and security protocols including TLS, VPN, IDS/IPS.Knowledge of cryptography concepts, key management, tokenization, and data masking.Experience with security testing, vulnerability management, and penetration testing processes.Familiarity with Windows and Linux environments as well as cloud platforms such as Azure or GCP.Understanding of incident response methodologies and security frameworks such as NIST or SANS.Nice To Have SkillsCertifications or advanced specialization in Information Security or Cybersecurity.Experience supporting security audits and compliance assessments.Exposure to cloud security practices and cloud-native protection tools.Background working in environments handling sensitive financial or payment data.Avenue Code reinforces its commitment to privacy and to all the principles guaranteed by the most accurate global data protection laws, such as GDPR, LGPD, CCPA and CPRA. The Candidate data shared with Avenue Code will be kept confidential and will not be transmitted to disinterested third parties, nor will it be used for purposes other than the application for open positions. As a Consultancy company, Avenue Code may share your information with its clients and other Companies from the CompassUol Group to which Avenue Code’s consultants are allocated to perform its services.