Job Closed
This listing is no longer active.
Founded in 1980, BMC Software is a privately-held, business-to-business (B2B) software firm serving companies in the healthcare, financial services, retail, tel
Senior Cybersecurity Analyst
Location
United States
Posted
4 days ago
Salary
$89.5K - $130K / year
Seniority
Senior
Job Description
Senior Cybersecurity Analyst
BMC Software
Role Description
The Senior Cybersecurity Analyst (Governance, Risk, and Compliance) plays an important role in building and maturing Boston Medical Center Health System’s GRC program. This role will be key to developing and improving human-driven processes before enterprise tooling is in place, and will make that work visible, auditable, and ready to scale.
- Lead execution of GRC program initiatives, contributing design input on processes, workflows, and work products as the program matures toward enterprise tooling adoption.
- Maintain and operationalize risk registers, control frameworks, and maturity assessments aligned to NIST CSF 2.0, HIPAA/HITECH, and applicable federal and state security and privacy regulations.
- Drive compliance monitoring activities and recommend updates to security policies, standards, and procedures that balance regulatory rigor with operational practicality.
- Coordinate the third-party risk management process, including vendor risk assessments and ongoing vendor risk workflows.
- Apply risk scoring methodologies to support framework maturity tracking and quantified risk metrics, incorporating business continuity and disaster recovery considerations.
- Manage structured GRC work products in spreadsheet and document-based environments (e.g., Excel, SharePoint), keeping them accurate, accessible, and audit-ready on an ongoing basis.
- Translate technical findings into clear, actionable written and verbal reporting for executive and non-technical audiences.
- Partner with stakeholders across IT and non-IT business functions to advance new standards and workflows, influencing adoption without direct authority.
- Prioritize multiple concurrent workstreams to deliver accurate results on schedule in a fast-paced, evolving environment.

Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Management, or a related field preferred.
- A minimum of six years of experience in information security or related discipline, with a strong focus on governance, risk, and compliance programs in complex or regulated environments.
- Or equivalent combination of education and experience.
- Demonstrated experience building or significantly maturing a GRC function, including the design of processes and workflows prior to enterprise tooling adoption.

Requirements
- Professional certifications such as CISA, CRISC, CISSP, or equivalent are highly desirable.
- Demonstrated experience in data mining, analysis and report development required.
- Strong knowledge of information systems security concepts and current information security/privacy trends and practices.
- Knowledge of Federal and State security and privacy-related regulatory requirements.
- Excellent written and oral communication skills, interpersonal skills, and effective leadership skills to support privacy programs.
- Must be able to prepare formal reports and presentations as needed.
- Must be detail-oriented and possess the ability to prioritize tasks so work is completed in an accurate, timely manner.
- Strong business and technical skills in the planning, administration, and management of information systems, operational and technical security controls; and security risk analysis and management.
- Self-starter with the ability to work independently, prioritize, multi-task, and maintain flexibility in a fast-paced, changing environment.
- Ability to confront conflict and difficult issues in a professional, assertive, and proactive manner.
- Ability to build strong working relationships at all levels, internal and/or external to the organization.
- Knowledge about medical records and other medical information, patient privacy and confidentiality, and release of information. Academic medical center and/or health care consulting experience preferred.

Benefits
- Compensation Range: $89,500.00 - $130,000.00
- Generous total compensation that includes benefits (medical, dental, vision, pharmacy).
- Discretionary annual bonuses and merit increases.
- Flexible Spending Accounts.
- 403(b) savings matches.
- Paid time off.
- Career advancement opportunities.
- Resources to support employee and family well-being.
More Security Analyst Jobs
Security Analyst
Darkshield
Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats.
Role Description
We are seeking a Security Analyst to join our team and play a key role in threat detection, incident response, and security monitoring. The ideal candidate will have a strong analytical mindset, an understanding of cyber threats and attack techniques, and the ability to implement effective security controls to mitigate risks. This role involves proactively monitoring security events, investigating potential breaches, and supporting clients with vulnerability management and security best practices.

Key Responsibilities
- Threat Detection & Security Monitoring
  - Continuously monitor SIEM, IDS/IPS, firewalls, and endpoint security tools to identify suspicious activity.
  - Analyze and correlate security alerts to detect potential cyber threats and data breaches.
  - Perform log analysis and anomaly detection to identify patterns indicative of compromise.
- Incident Response & Threat Investigation
  - Investigate security incidents, phishing attempts, malware infections, and unauthorized access events.
  - Develop and implement remediation strategies to mitigate security risks.
  - Conduct digital forensics and root cause analysis on security breaches.
  - Work closely with internal teams and clients to ensure swift containment and resolution of threats.
- Vulnerability Management & Security Operations
  - Perform regular vulnerability scans and assessments, identifying security gaps and misconfigurations.
  - Recommend and implement security improvements based on assessment findings.
  - Optimize security configurations and policies across cloud and on-premise environments.
  - Assist in security patch management and tracking remediation efforts.
- Security Policy & Awareness
  - Assist in the development and enforcement of security policies, procedures, and best practices.
  - Provide security awareness training to employees and clients to mitigate human-related risks.
  - Stay informed on emerging cyber threats, attack techniques, and security technologies.

Qualifications
- Experience in security monitoring, threat detection, or incident response.
- Strong understanding of security tools including SIEM, IDS/IPS, firewalls, and endpoint security platforms.
- Familiarity with log analysis, malware analysis, and digital forensics techniques.
- Knowledge of threat intelligence platforms and cyber threat hunting techniques.
- Experience with vulnerability assessment tools such as Nessus, Qualys, or OpenVAS.
- Understanding of network security, cloud security, and endpoint protection.

Requirements
- Scripting & Automation (Preferred, Not Required)
  - Basic proficiency in Python, PowerShell, or Bash for security automation.
  - Ability to write scripts for log analysis, threat hunting, or security automation is a plus.
- Certifications (Preferred, Not Required)
  - CompTIA Security+, CEH (Certified Ethical Hacker), GCIH (GIAC Certified Incident Handler), or similar certifications are desirable.
- Soft Skills & Work Environment
  - Strong problem-solving skills and ability to think like an attacker.
  - Ability to work both independently and collaboratively within a security team.
  - Effective communication and reporting skills to convey security findings to technical and non-technical stakeholders.
  - Strong attention to detail with a methodical approach to security investigations.
  - A passion for learning and keeping up with the latest security threats and technologies.

Benefits
- Work on real-world cybersecurity threats and gain experience in high-impact security operations.
- Opportunity to develop and implement security controls across various industries.
- Career growth opportunities in a fast-growing cybersecurity agency.
- Flexible work environment – remote and hybrid options available.
- Competitive salary and performance-based incentives.
• Conduct risk assessments of vendors and third-party partners.
• Evaluate security controls implemented by third parties and identify potential vulnerabilities.
• Ensure adherence to corporate information security and risk management policies.
• Identify, document and track mitigation plans for identified risks.
• Collaborate with the GRC team in managing information security risks.
• Review evidence, certifications and compliance attestations from vendors.
• Assess alignment with industry frameworks and best practices, including NIST.
• Support the implementation and monitoring of security controls.
• Participate in contract reviews between the company and vendors, ensuring information security requirements are included and followed.
• Work closely with Legal and Procurement teams to mitigate contractual risks related to security.
• Prepare executive reports and technical opinions on identified risks.
• Present assessment results to business areas, managers and stakeholders.
• Support risk-based decision making by providing mitigation recommendations.
• Assist with concurrent investigations of security incidents.
• Contribute to threat and vulnerability monitoring activities.
• Produce incident reports and support senior teams in the analysis and remediation of occurrences.
Information Security Analyst
Cresol Cooperativa
Providing financial solutions with excellence through relationships.
• Incident Management: Lead the incident response lifecycle (preparation, identification, containment, eradication, and recovery).
• Forensic Analysis: Perform digital forensics on hosts (Windows/Linux/iOS/Android), memory, networks, and cloud environments to identify the root cause of compromises.
• Advanced Monitoring: Work together with the SOC/Support team to triage high-complexity alerts in XDR/SIEM and NDR tools.
• Threat Hunting: Conduct proactive searches for threats that may have bypassed existing security controls.
• Documentation and Reporting: Produce detailed technical reports and forensic findings to support executive decision-making and regulatory compliance (Bacen/LGPD).
• Continuous Improvement: Recommend adjustments to detection rules and security policies based on the tactics (TTPs) observed during investigations.
• Monitor and analyze security events utilizing Splunk Enterprise Security (ES).
• Build, maintain, and tune Splunk searches, correlation rules, alerts, and dashboards.
• Conduct incident response activities from detection through containment, eradication, recovery, and closure.
• Investigate endpoint security incidents utilizing Microsoft Defender for Endpoint.
• Perform endpoint policy management and incident investigations.
• Assess AWS cloud security telemetry utilizing GuardDuty, Security Hub, and related cloud security services.
• Identify threats, vulnerabilities, suspicious activity, and cloud misconfigurations.
• Execute alert triage, incident scoping, and escalation activities according to established playbooks.
• Recommend updates and improvements to operational procedures and incident response playbooks.
• Support threat hunting activities and detection engineering initiatives aligned to MITRE ATT&CK methodologies.
• Perform phishing investigations, alert enrichment, and forensic review activities.
• Conduct root cause analysis and document corrective actions following security incidents.
• Track incidents and operational tasks utilizing case management systems.
• Participate in tabletop exercises and operational readiness activities.
• Collaborate with Security Operations teams, Incident Response personnel, and federal stakeholders.
• Prepare reports and communicate findings to technical and non-technical audiences.
• Perform other job-related duties as assigned.



