• Own enterprise-wide security incident response —ensure the team can detect, triage, contain, eradicate, and recover from incidents across cloud, on-prem, SaaS, and endpoint environments with speed and precision. • Maintain and continuously improve the incident response plan, playbooks, escalation procedures, and communication templates, ensuring they are tested, current, and aligned to NIST CSF 2.0. • Serve as incident commander or executive sponsor for high-severity incidents; make real-time decisions on containment and remediation under pressure. • Drive post-incident reviews that produce actionable findings, root-cause analysis, and measurable improvements—not just documentation. • Coordinate threat response across US and India teams, ensuring consistent coverage, quality, and process regardless of geography. • Partner with Legal & Privacy throughout the incident response lifecycle—ensuring timely notification assessments, evidence preservation, regulatory reporting obligations, and litigation hold requirements are met in coordination with response activities. • Own the security and IT tooling portfolio across the company: endpoint management (MDM, EDR), identity infrastructure, SIEM/SOAR, network security, vulnerability scanning, email security, cloud security posture management, and related platforms. • Build and maintain operational metrics and dashboards that provide the CISO and leadership with clear visibility into incident trends, MTTD/MTTR, tool health, SLA performance, and infrastructure posture.

Role Description Buscamos um(a) Analista de Segurança da Informação para atuar na construção e evolução da operação de Cloud Security e SecOps, com foco em ambientes AWS e monitoramento de segurança utilizando Wazuh. Nossos clientes são empresas do segmento de meios eletrônicos de pagamento e serviços financeiros, em um momento estratégico de expansão e fortalecimento da operação de segurança. Qualifications - Experiência mínima de 4 anos em Segurança da Informação. - Pelo menos 2 anos atuando com AWS Security. - Experiência prática com: - Security Hub - GuardDuty - CloudTrail - CloudWatch - IAM - Config - Macie - VPC - AWS WAF - Experiência com Wazuh (configuração, integrações e regras customizadas). - Conhecimentos sólidos em IAM e Governança de Acessos. - Experiência com Microsoft Entra ID (Azure AD) e Active Directory. - Perfil autônomo, colaborativo e adaptado ao modelo remoto. Requirements - Experiência em fintechs ou instituições financeiras. - Conhecimento em LGPD, BACEN, ISO 27001 e NIST. - Certificações AWS e Security. Benefits - CLT + Benefícios - Cartão Flexível: R$ 770/mês - Plano de Saúde Bradesco (sem mensalidade, apenas coparticipação) - Assistência Odontológica MetLife - Seguro de Vida - Trabalho 100% Remoto Challenges - Estruturar e evoluir o monitoramento de segurança em ambiente AWS. - Integrar ativos AWS ao Wazuh. - Atuar com Security Hub, GuardDuty, CloudTrail, CloudWatch, IAM, Macie e WAF. - Implementar e otimizar controles de Cloud Security. - Apoiar processos de resposta a incidentes e gestão de vulnerabilidades. - Administrar Microsoft Entra ID (Azure AD) e Active Directory.

• Support enterprise incident response activities across detection, triage, containment, eradication, and recovery • Coordinate the execution of high-impact cybersecurity incidents, in support of Cybersecurity leadership • Serve as an operational escalation point for incident response, ensuring issues are appropriately routed and addressed • Develop and maintain incident response playbooks, procedures, and standards • Support coordination with legal, compliance, IT, and external response partners under the direction of Cybersecurity leadership • Lead post-incident reviews with relevant stakeholders to identify improvements and strengthen organizational readiness • Lead security operations activities focused on SOC services, including security monitoring, alert management, and incident response execution • Oversee internal teams and external service providers (e.g., MSSPs) to ensure consistent, high-quality security operations coverage • Establish and enforce operational standards for alert triage, escalation, and incident handling • Drive scalability and efficiency through automation, orchestration, and process optimization • Ensure effective monitoring coverage across Microsoft 365 Commercial and Government Community Cloud High (GCCH) environments • Own and evolve security operations technologies, including security information & event monitoring (SIEM) and detection and response platforms • Define and govern how multiple SOCs (internal and external) operate together, ensuring clear roles, responsibilities, and coordination models • Establish IDEX Cybersecurity as the lead authority for major incident response, with external SOCs supporting detection and escalation • Manage relationships with external SOC providers, including performance oversight, metrics, and participation in QBRs • Improve detection fidelity through alert tuning, use case development, and false positive reduction • Drive enhancements in detection coverage, response speed (MTTR), and overall operational effectiveness • Partner with cybersecurity leadership to define operational roadmap, priorities, and maturity targets • Coordinate cybersecurity requests and activities across teams, ensuring work is properly triaged, prioritized, and completed • Manage ticketing and escalation processes, ensuring issues are routed, tracked, and resolved in a timely manner • Track and communicate the status of incidents, initiatives, and key activities across teams • Partner with IT and project management office (PMO) teams to ensure cybersecurity requirements are built into projects and services from the start • Promote consistent, security-first practices across IT operations and service delivery • Own security operations performance metrics and reporting, including MTTR, detection effectiveness, alert quality, and service level agreements (SLAs) • Develop and enhance operational metrics and dashboards to support enterprise reporting and risk visibility • Use data-driven insights to identify gaps, inefficiencies, and improvement opportunities • Drive continuous improvement initiatives to enhance operational maturity, scalability, and consistency • Support coordination of cybersecurity readiness efforts, including tabletop exercises and crisis simulations • Mentor and develop team members and stakeholders in incident response practices • Support knowledge transfer and training initiatives to improve enterprise-wide response capabilities • Contribute to development and maintenance of operational documentation and standards.

Role Description The Electricity Information Sharing and Analysis Center (E-ISAC) is seeking pre-selected summer interns from the GEOINT-ISAC to support various projects for Security Operations Teams. Interns will work alongside E-ISAC subject matter experts to support intelligence and physical security projects. Potential project areas include: - Open-source research and analysis on unauthorized UAS activity. - Development of a common operating picture using geospatial analysis expertise. - Support real-time situational awareness of potential threats to the energy sector. Interns will gain exposure to real-world critical infrastructure security challenges while contributing to meaningful projects that support the industry. Qualifications - Eligibility: Applicants have already been selected through an approved internship partnership program with the Geospatial Intelligence GEOINT-ISAC – Security Resilience Internship Program (SRIP) Support. Requirements - Background check will be conducted prior to internship. - In compliance with federal law, all persons engaged for internships are required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon internship. - The E-ISAC team is based in Washington D.C. This position is remote but may be requested to travel to the NERC and E-ISAC offices as well as partner locations. - Reimbursement of travel expenses will be in accordance with the company’s travel and expense reimbursement policies. Company Description The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid. NERC develops and enforces Reliability Standards; annually assesses seasonal and long-term reliability; monitors the bulk power system through system awareness; and educates, trains, and certifies industry personnel. NERC’s area of responsibility spans the continental United States, Canada, and the northern portion of Baja California, Mexico. NERC is the Electric Reliability Organization (ERO) for North America, subject to oversight by the Federal Energy Regulatory Commission (FERC) and provincial authorities in Canada. NERC's jurisdiction includes users, owners, and operators of the bulk power system, which serves nearly 400 million people.