Grupo QuintoAndar | Senior Security Engineer (Incidents)

View full description

Requirements:

• Expertise in managing and configuring SOC tools such as EDR, SIEM, IDS/IPS, DLP, firewalls.
• Experience with SOAR implementations.
• Extensive experience in incident response and threat investigation.
• Proficiency in identifying, containing, and mitigating cybersecurity incidents.
• Skills in vulnerability management and risk mitigation.
• Certifications: GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or similar.
• Effective communication, analytical and collaboration skills.
• Fluency in Portuguese and proficiency in English.

Responsibilities:

• Monitor security events and alerts, responding to incidents detected by the SOC and security systems.
• Lead and coordinate cybersecurity incident response, including identification, containment, eradication, recovery, and post-incident analysis.
• Investigate the origin of attacks and security events by analyzing logs, network traffic, and system records.
• Create and maintain incident response playbooks, and collaborate on developing SIEM use cases.
• Identify automation opportunities in SOC processes and assist in implementing SOAR tools.
• Provide internal training on security best practices and conduct incident response simulations.
• Collaborate with software engineering teams to resolve identified vulnerabilities.
• Develop and present incident status reports and SOC performance metrics to management.