Portobello logo
Portobello

Exciting New Fashion Game - forward Thinking in a Changing World

Information Security Specialist – Detection, Response and Engineering

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 1-10Since 2020H1B No SponsorCompany SiteLinkedIn

Location

Brazil

Posted

4 days ago

Salary

0

Seniority

Senior

Job Description

Information Security Specialist – Detection, Response and Engineering

Portobello

• Technical owner of the information security operations platform, responsible for the architecture, strategy, and maintenance of detection controls, incident response, vulnerability management, identity management, and perimeter governance. • Primary technical reference for the area, contributing to the evolution of process maturity and the technical development of the team.

Job Requirements

  • Solid, proven experience in Information Security operations (SecOps, Blue Team, or related areas).
  • Advanced hands-on experience with open-source SIEM platforms (creating complex rules, event correlation, tuning, and detection engineering).
  • Experience leading and modeling corporate Vulnerability Management programs.
  • Experience with commercial Vulnerability Management tools (Qualys, Tenable, Rapid7, or equivalents).
  • Experience in Identity and Access Management (IAM) governance, including Active Directory, SSO, MFA, identity federation, and RBAC models.
  • Experience administering and governing Next-Generation Firewalls (Check Point, Palo Alto, Fortinet, or equivalents).
  • Applied knowledge of the ISO/IEC 27001, NIST Cybersecurity Framework, and CIS Controls.
  • Experience with automation using Python, Bash, or PowerShell.
  • Proficiency in Windows and Linux environments.
  • Knowledge of Cloud environments (AWS, Azure, or OCI).
  • Technical autonomy and resilience to make decisions under resource constraints or in crisis scenarios.
  • Highly collaborative, problem-solving oriented profile for addressing complex issues.
  • Excellent verbal and written communication skills to engage both technical and executive (non-technical) audiences.
  • Commitment to documentation and knowledge sharing.

Benefits

  • Life insurance
  • Health and dental plan
  • Portobello Corporate University platform
  • Profit Sharing and Results Program (PPR)
  • Discounts at local pharmacies
  • Private pension plan
  • Union membership
  • Discount network – partnerships with various educational institutions
  • Discounts on Portobello product purchases
  • Vacation bonus
  • Portobello Mother's Allowance – for purchasing the baby's layette
  • Childcare assistance
  • Support for dependents with disabilities (PWDs)
  • Professional training and development programs
  • Wellhub and many more

Related Categories

Related Job Pages

More Security Engineer Jobs

Dragos logo

Senior Security Endpoint Engineer

Dragos

Dragos is a computer and network security company specializing in industrial cybersecurity, incident response, threat intelligence, and security software. Past flexible jobs at Dra

Role Description Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world! The Senior Security Endpoint Engineer owns the full lifecycle of endpoint security and management across Dragos. This is a dual-mandate role: you're responsible for keeping endpoints secure and for making sure people can actually do their jobs. That means EDR coverage and detection fidelity matter just as much as patch compliance and deployment reliability — and staff experience is a first-class outcome alongside security posture. You'll operate at the intersection of security engineering and IT operations, collaborating closely with Infrastructure/Systems Engineering to ensure unified endpoint management doesn't create friction for the business. This isn't a pure security role — it owns the employee-facing endpoint experience end to end. Responsibilities - Own the complete endpoint lifecycle including provisioning, configuration, enrollment, refresh, and decommissioning across all supported platforms while maintaining standard build configurations and baseline images. - Administer and optimize the endpoint detection and response (EDR) platform, including sensor deployment, detection tuning, and response policy optimization to reduce alert noise while preserving security effectiveness. - Lead endpoint-focused incident response activities including triage, containment, forensic data collection, and post-incident review; develop and maintain incident response runbooks for endpoint threat scenarios. - Establish and manage the endpoint patching program across operating systems and third-party software, define patch compliance SLAs by severity level, and coordinate patching efforts with Infrastructure and Systems Engineering teams. - Administer the mobile device management (MDM) platform for corporate and BYOD devices, manage mobile configuration profiles, compliance policies, and ensure mobile endpoint visibility within security tooling. - Act as the escalation point for complex endpoint issues beyond helpdesk capability, maintain user-facing documentation and guidance, and gather staff feedback to reduce unnecessary policy burden while preserving security controls. - Build and maintain endpoint automation for configuration management, compliance verification, remediation workflows, and reporting; evaluate new endpoint tools and capabilities and contribute endpoint-focused priorities to the security engineering roadmap. Qualifications - 5–8 years of hands-on experience in endpoint security, endpoint management, or a combined security/IT operations role. - Deep working knowledge of EDR platforms: deployment, tuning, policy management, and incident response workflows. - Demonstrated experience managing endpoints across Windows, macOS, and Linux at scale. - Hands-on MDM administration experience (corporate devices and/or BYOD) across iOS and Android. - Practical experience with patch management programs including SLA definition, compliance tracking, and exception handling. - Proficiency with scripting and automation (PowerShell, Bash, Python, or equivalent) for endpoint management and operational workflows. - Familiarity with vulnerability management workflows and how endpoint patching integrates into the broader program. - Strong written communication skills — you can document a configuration decision and explain a security risk to a non-technical audience without losing accuracy in either case. Requirements - Salary: $130,000 - Competitive Equity Package - Comprehensive Benefits Plan Company Description Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.

United States
$130K / year
Bristlecone logo

Principal - Emerging Platforms

Bristlecone

AI-Powered Application Transformation Services for the Connected Supply Chain

Full TimeRemoteTeam 1,001-5,000Since 1998H1B Sponsor

Role Description - Lead solution architecture and design for BY implementations and enhancements. - Conduct discovery workshops and translate business requirements into functional and technical solution designs. - Own the end-to-end solution blueprint, including process design, configuration, integrations, reporting, and data migration. - Drive integration architecture with upstream/downstream systems such as ERP (SAP/Oracle), EDI, carrier systems, OMS, WCS, and visibility platforms. - Guide teams on BY configuration and best practices across logistics processes (inbound, outbound, planning, execution, freight settlement, warehouse operations). - Define non-functional requirements: performance, scalability, security, monitoring, resilience. - Support SIT/UAT strategy, defect triage, and ensure solution quality through signoffs. - Work closely with stakeholders to manage scope, risks, dependencies, and release readiness. - Provide leadership and mentoring to consultants/analysts and support knowledge transition. - Present solution options, trade-offs, and recommendations. - Exceptional problem-solving skills and strategic thinking abilities. Company Description Bristlecone is the leading provider of AI-powered application transformation services for the connected supply chain. We empower our customers with speed, visibility, automation, and resiliency – to thrive on change. - Transformative solutions in Digital Logistics, Cognitive Manufacturing, Autonomous Planning, Smart Procurement, and Digitalization. - Positioned around key industry pillars and delivered through a comprehensive portfolio of services spanning digital strategy, design and build, and implementation across a range of technology platforms. - Ranked among the top ten leaders in supply chain services by Gartner. - Headquartered in San Jose, California, with locations across North America, Europe, and Asia, and over 2,500 consultants. - Part of the $19.4 billion Mahindra Group. Equal Opportunity Employer Bristlecone is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Information Security Responsibilities - Understand and adhere to Information Security policies, guidelines, and procedures; practice them for protection of organizational data and Information System. - Take part in information security training and act while handling information. - Report all suspected security and policy breaches to the InfoSec team or appropriate authority (CISO). - Understand and adhere to the additional information security responsibilities as part of the assigned job role.

United States
Upwind Security logo

Technical Account Manager

Upwind Security

Cloud Security Happens at Runtime.

Full TimeRemoteTeam 51-200H1B No Sponsor

• Act as a strategic partner to the sales team post-sale, supporting account continuity while enabling sales to focus on new opportunities • Lead the technical deployment of the Upwind platform post-sale, ensuring smooth and successful onboarding and deployment of new capabilities • Serve as the primary point of contact for customers, addressing issues quickly and maintaining a high-quality customer experience • Build strong, long-term relationships by introducing new features, gathering feedback, and leading roadmap discussions • Partner with sales during renewals and expansion to align technical planning with customer needs and drive value • Proactively engage with customers to surface key security insights, guide feature adoption, and ensure they realize the full value of the Upwind platform • Understand and advocate for your customers needs cross functionally (i.e. Product Management and Technical Support)

California

AI Security Engineer

EMCOR Group

EMCOR Group is a Fortune 500 company self-described as a leader in the construction and facilities services industry. The team of 33,000+ associates spanning 17

Role Description EMCOR Group, Inc. seeks an AI Security Engineer who will be responsible for securing the organization’s artificial intelligence capabilities—including GenAI systems, ML pipelines, model hosting, AI integrations, and AI-enabled business processes—through a combination of security architecture, governance, risk management, and hands-on engineering. This role designs and implements security controls to reduce risks such as prompt injection, data leakage, model exfiltration, supply-chain compromise, unauthorized use, and AI-driven abuse, while enabling safe adoption across the enterprise. - Adopt and maintain the Enterprise AI Security Reference Architecture - Establish security patterns and guardrails for AI use cases including approved data sources, allowed tools, etc. - Conduct threat modeling for AI systems and integrations and translate threats into technical controls - Operationalize AI governance with EMCOR Legal and Risk - Work with EMCOR Security Governance, Risk and Compliance (GRC) to maintain the AI risk assessment process - Implement and maintain controls to prevent data leakage and sensitive information exposure in AI prompts, outputs, logs, and training sets - Work with EMCOR Security Identity and Access Management (IAM) and GRC to deploy and tune protections like DLP, data classification, prompt and response filtering, RAG hardening and model endpoint security - Integrate and maintain AI security testing capabilities such as prompt injection, model behavior evaluations, adversarial testing, etc. - Work with EMCOR Security Operations to define and implement logging and monitoring requirements, create detection use cases, and playbooks for AI related incidents - Assist with AI vendor and cloud services assessments Qualifications - Seven years minimum experience in cybersecurity, security engineering and security architecture - Three years minimum experience securing cloud platforms, APIs, and CI/CD - Working knowledge of AI/ML concepts - Experience with security monitoring and detection, and incident response - CISSP, CCSP, or GIAC or equivalent certification preferred - Ability to effectively communicate and interact with personnel at all levels - Must be capable of delivering a very high level of customer service Benefits - Comprehensive benefits package including medical, dental, and vision coverage - Health savings and flexible spending accounts - Life insurance and disability coverage - 401(k) Savings Plan - College Coach and employee assistance program Compensation - Compensation Range: $134,000 - $171,000 - This position is bonus eligible

United States
$134K - $171K / year