• Experiência comprovada com segurança de sistemas e infraestrutura; • Habilidades "hands-on" para configurar e manter ferramentas de segurança, incluindo firewall, WAFs, sistemas de detecção e prevenção de intrusões (IDS/IPS), antivírus, api gateway e monitoramento de redes; • Monitoramento e investigação de alertas em ferramentas como SIEM e EDR; • Análise de eventos e tentativa de exploração de aplicações e infraestrutura; • Gestão e tratamento de vulnerabilidades (identificação, priorização e acompanhamento de correções); • Análise de código sob a perspectiva de segurança; • Participação em processos de due diligence de segurança em fornecedores; • Apoio na resposta a incidentes e investigação de possíveis comprometimentos; • Habilidade para desenvolver e documentar políticas, diretrizes e manuais de segurança; • Proposição de melhorias em processos e controles.

• Lead Incident Response efforts for corporate, cloud, and product environments, including investigation, containment, eradication, and recovery. • Perform threat hunting across endpoints, networks, and cloud workloads to proactively identify indicators of compromise, emerging threats, and control gaps. • Conduct cloud incident response for AWS, Azure, and GCP, and other cloud environments including Kubernetes and containerized workloads, performing log analysis, identity compromise investigations, and workload forensics. • Drive product security incident response, collaborating with engineering teams to analyze potential exposure to vulnerabilities, exploits, and security flaws in NVIDIA products. • Perform digital forensics and malware analysis to support investigations and root cause analysis. • Develop and optimize security orchestration and automation playbooks in partnership with Security Engineering to accelerate detection and response. • Build and refine detections and defense strategies based on threat models and attacker behaviors across cloud, identity, endpoint, and product telemetry, using frameworks such as MITRE ATT&CK to map adversary tactics and enhance detection coverage. • Provide guidance to engineering and business teams on secure design and incident handling standards and contribute to security policies, standards, and metrics to continuously improve NVIDIA’s security posture.

• Проведення перевірок безпеки постачальників; • Пошук та збір інформації з відкритих джерел (OSINT); • Ведення та актуалізація реєстрів оцінки ризиків. • Заповнення та обробка клієнтських анкет з інформаційної безпеки відповідно до міжнародних стандартів (ISO 27001, SOC 2, NIST); • Первинний перегляд договорів із клієнтами (DPA/MSA) для виявлення розбіжностей між внутрішніми процесами компанії та вимогами клієнтів; • Опрацювання запитів від інших підрозділів. • Моніторинг, аналіз та перевірка доказів (логи, скріншоти) для підтвердження відповідності пристроїв співробітників вимогам безпеки; • Комунікація з користувачами для усунення невідповідностей вимогам безпеки; • Ведення реєстру затверджених пристроїв. • Створення та оновлення внутрішніх інструкцій, процедур і матеріалів бази знань з інформаційної безпеки. • Участь у фішингових симуляціях; • Допомога у підготовці матеріалів та листів з інформаційної безпеки для співробітників. • Первинна обробка інцидентів безпеки: збір доказів, базове розслідування та координація комунікації між залученими сторонами.

Role Description We are looking for a motivated CyberSecurity Analyst ready to take us to the next level! If you have cyber risk management experience and are looking for your next career move, apply now. The Cybersecurity Analyst will be responsible for helping execute the Maritime Cybersecurity strategy and program initiatives relating to dry dock operations. The role will serve as a coordinator and subject matter expert to peers and leaders across the client shipboard lines of business regarding maritime cyber risks. This position will be full-time and remote. The role will be an individual contributor providing cyber risk management and assurance expertise to protect and maintain systems located within or connected to the client shipboard environments, adhering to maritime cybersecurity guidelines and corporate information security standards. - Key contributor to the upgrade of shipboard IT and OT systems and processes to reduce existing and emerging risks to the client maritime assets. - Leverage information security activities and technologies to raise cyber situational awareness and protection. - Ensure maritime cybersecurity technology is configured and operating per established standards. - Update technical standards, architectural/engineering diagrams, and procedures for shipboard and newbuild I.T. and marine operations units. - Define and track assigned remediation tasks to mitigate shipboard IT, ET, and OT vulnerabilities and defects. - Partner with team members within Information Security, I.T., and business units to implement compensating controls for identified system weaknesses. - Review, interpret, and explain complex maritime cyber guidelines and future regulations to peers and non-technical team members. - Establish and manage relationships with engineering and operational staff to assess their cyber assurance program. - Contribute with a high degree of self-sufficiency and resourcefulness to departmental performance objectives. - Demonstrate motivation to maintain technical skills and cybersecurity knowledge through self-development opportunities. - Actively engage in liaison activities with maritime industry associations and regulatory agencies. Qualifications - Bachelor’s degree in computer science, information systems, or a related field. - Degree in Scrum & Agile Software development Methodology. - Internship in a similar role in a medium-sized organization. Requirements - Proficiency in Rapid7 and Fortinet (FortiAnalyzer) for data extraction and visualization. - Proficiency in analytic tools like Power Bi and Tableau. - Ability to prioritize effectively. - Excellent oral and written communication skills. - Ability to work with large teams. - Meticulous attention to detail. Benefits - Remote work flexibility. - Standard work week: 9 am - 6 pm EST M-F. - Travel required: Yes, up to 25% to visit ships.