• Lead the creation and setup of our SOC team from the ground up. • Define team roles and responsibilities, and recruit initial team members. • Develop and validate operational processes, including monitoring, incident response, and client communication. • Ensure the SOC meets high standards of service and aligns with client needs.

• Lead, mentor, and develop a team of incident responders, ensuring clear expectations, growth, and consistent execution. • Define and drive the security incident response roadmap and strategic priorities, focusing on maturity, scalability, and readiness. • Oversee execution across detection, triage, containment, remediation, and post-incident learning. • Support forensic investigations, log reviews, cloud investigations, and root-cause analysis as an escalation point • Partner with Detection Engineering, Threat Intelligence, and other teams to improve cross-functional processes. • Maintain and evolve the development of incident response playbooks, team processes, training, and tabletop exercises. • Communicate effectively with stakeholders at all levels during incidents and throughout follow-up reporting. • Participate in the on-call rotation, serving as an incident manager or responder during major or complex incidents. • Track and report on incident trends, operational metrics, and program maturity.

• Help take our security incident response capabilities to the next level by building relationships with Engineering teams, new playbooks and finding opportunities for automation • Grow others in the art of Incident Response to support the program and increase consistency in outcomes • Play a key role in building and shaping the Security Incident Response team • Take the role of Incident Commander to bring incidents to resolution • Help shape the direction of investment by informing the business of trends and relevant metrics • Partner with our Security Engineers to monitor, refine, and expand our SIEM and SOAR platforms • Coordinate with the Fraud and Privacy teams to investigate potential fraudulent and sensitive activity • Participate in an on-call rotation for responding to security incidents, internal questions and operational support • Partner with the detection engineering function to develop new, high-fidelity detection rules based on incident trends and threat intelligence.

• Implementar e gerenciar o módulo Security Incident Response (SIR) da ferramenta ServiceNow. • Gerenciar e monitorar incidentes de segurança utilizando o ServiceNow, garantindo a proteção dos ativos da informação. • Criar e manter playbooks e runbooks para processos de resposta a incidentes, garantindo uma abordagem estruturada e eficiente. • Desenvolver e utilizar Power BI para análise de dados e relatórios de segurança, facilitando a visualização e interpretação das informações.