Desafiamos o modo como as coisas são feitas. Sabemos que é possível fazer diferente. Escolhemos fazer juntos.
Analista de Segurança da Informação Sr – Resposta a Incidente
Location
Brazil
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
Analista de Segurança da Informação Sr – Resposta a Incidente
CoE | Centro de Excelência Votorantim
• Gestão de Incidentes: Liderar a resposta técnica a incidentes de segurança complexos (Ransomware, APTs, Insider Threats), desde a detecção até a lição aprendida (Post-Mortem). • Threat Hunting: Realizar caça proativa de ameaças na rede e nos endpoints, partindo de hipóteses baseadas em Threat Intelligence. • Forense Digital: Coletar e analisar artefatos digitais (memória, disco, logs) para reconstruir a linha do tempo do ataque. • Engenharia de Detecção: Criar e otimizar regras de correlação no SIEM e assinaturas de detecção (YARA, Snort/Suricata). • Automação (SOAR): Desenvolver playbooks e scripts (Python/PowerShell) para automatizar a resposta a alertas repetitivos. • Mentoria: Apoiar o desenvolvimento técnico de analistas júnior e pleno (N1/N2).
Job Requirements
- Experiência Sólida: Atuação comprovada em Blue Team, SOC ou CSIRT (mínimo de 3 anos sugerido).
- Frameworks: Domínio do NIST CSF e, principalmente, do MITRE ATT&CK para mapeamento de TTPs (Táticas, Técnicas e Procedimentos).
- Sistemas Operacionais: Conhecimento profundo de internos de Windows (Event Logs, Registro, Prefetch) e Linux (Logs, Kernel, Bash).
- Ferramentas de Defesa: Experiência prática com ferramentas de SIEM (Splunk, Elastic, Sentinel ou QRadar) e EDR/XDR (CrowdStrike, SentinelOne, Defender).
- Redes: Análise profunda de tráfego de rede (PCAP) utilizando Wireshark ou Zeek.
Benefits
- Trabalho 100% remoto
- Suporte administrativo
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Security Analyst
BoxBox(NYSE: BOX)はインテリジェントコンテンツ管理(ICM)プラットフォームのリーディングカンパニーです。Boxのプラットフォームは、企業のコラボレーション促進や、コンテンツのライフサイクル全体の管理、重要なコンテンツの保護、そしてエンタープライズAIによるビジネスワークフローの変革を実現することを目指しています。
Role Description Box's Security Incident Response Team (SIRT) is responsible for managing Box's security incidents. Box presents a unique opportunity to be a part of building our global security team at massive scale. We have built a world-class group with some amazing talent and this is a unique opportunity to grow with us. We need a Security Analyst with experience fighting security fires, who is comfortable being uncomfortable, and is willing to run point on incidents. You're passionate about helping the team better understand your areas of expertise and interest, and to share your knowledge in a collaborative environment that focuses on enabling the team to share their unique skills and perspectives. - Responding and investigating security alerts - Recognising trends in alerts to help strengthen Box's security posture and provide suggestions for enhanced alerts, detection coverage and automation - Executing and delivering work towards long-term goals and initiatives to support Box's overall security posture - Adapting to change and effectively organising work according to business priorities - The documentation of process and procedures Qualifications - Bachelor's degree in a technical engineering or IT related field or equivalent experience - A pulse on the tools, tactics and procedures the bad guys are using today and what they'll be using tomorrow. This includes Splunk, Burp Suite, etc. - Experience with formal security models like MITRE ATT&CK or CIS Critical Security Controls - You work well with the unpredictable, ever changing threat landscape that exists in cybersecurity - You can perform independently to collect data, perform analysis, and research findings to determine if abuse or exploitation occurred - Enthusiasm and passion for Cyber Security - Experience in three or more of the following: - Cloud Security - we're a cloud company! - System Security - MacOS/Linux/Windows - Network Security - IDS, PCAP - Malware Analysis & Forensics - Incident Response - Signature/Alerting Creation - Tools of the trade including RegEx, YARA - Scripting - We like Python but other languages like Golang are cool too - SIEM/Log Aggregation/Data Analytics/Query languages - Splunk SPL, Lucene, SQL, Elk DSL - Networking and Security certifications a plus - Cybersecurity Boot Camp experience/completion a plus - Familiarity with AI tools and AI security - Excellent communication skills Requirements - Must be willing to work a shift schedule (4 days x 10 hours, 1 weekend day) Benefits - Pension, medical and dental coverage - Robust wellness program including 25 days of vacation (plus your birthday off!) - Subsidized gym membership Equal Opportunity We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation.
• Monitor and investigate security alerts and events across security tooling, cloud environments, business systems, and applications. • Support incident response activities including detection, analysis, containment, eradication, recovery, and lessons learned. • Develop and improve security monitoring, alerting, playbooks, and operational procedures. • Assist with threat hunting and proactive identification of security risks and suspicious activity. • Maintain awareness of emerging cyber threats, vulnerabilities, and attack techniques relevant to SaaS businesses. • Own day-to-day vulnerability management activities across infrastructure, cloud platforms, applications, and endpoints. • Work with technology teams to prioritise and coordinate remediation activities. • Track vulnerabilities through to resolution and provide reporting on remediation performance. • Support penetration testing activities and coordinate remediation of findings. • Support the security of cloud environments and SaaS platforms through implementation and monitoring of security controls. • Assist with identity and access management initiatives, including privileged access management, role-based access control, and identity governance. • Review cloud security recommendations and assist with remediation activities. • Partner with engineering teams to support secure software development practices. • Assist with the identification, triage, and remediation of application security vulnerabilities. • Support security testing activities including SAST, DAST, dependency scanning, and secrets detection. • Contribute to threat modelling and secure design discussions where appropriate. • Support the continued operation and improvement of the Information Security Management System (ISMS). • Assist with security audits, compliance activities, evidence collection, and control reviews. • Contribute to the development and maintenance of security policies, standards, procedures, and guidance. • Support risk assessments and assist with tracking risk treatment activities. • Help maintain compliance with frameworks and standards including ISO 27001 and applicable data protection requirements. • Respond to customer and prospect security questionnaires and due diligence requests. • Conduct security reviews of suppliers, partners, and third-party services.
Security Analyst – Information Technology
Alberta Blue CrossCourage to fly, smile, move, start, stop, build, re-build and grow. We’re your Alberta benefits provider.
• Respond to threats, alerts, and cybersecurity incidents, supporting activities from detection through remediation • Follow and support adherence to standard operating procedures and identify opportunities for improvement • Participate in the planning and execution of simulation exercises, such as phishing testing • Participate in vulnerability management activities from scanning through to remediation • Analyze threat intelligence sources and publicly disclosed vulnerabilities to assess relevance, exploitability, and potential impact • Support cybersecurity audits and associated remediation efforts • Collaborate with internal teams to support security risk assessments across systems and applications • Identify potential security risks and recommend remediation or mitigation options • Support the maintenance and improvement of security policies, procedures, and standards • Support the delivery and continuous improvement of security awareness and training initiatives • Support validation and tuning security controls across identity, endpoint, and cloud environments • Support the implementation of security tools, controls, and operational initiatives • Communicate effectively with various IT technical and business teams
Role Description We're seeking a Senior Information Security Analyst to join our team and play a key role in protecting our information assets, strengthening our security posture, and helping the organization stay ahead of evolving cyber threats. This individual will partner across the business to identify risks, enhance security controls, and support a secure, scalable environment as we continue to grow. This is a fully remote opportunity to do meaningful work as part of a collaborative, people-first culture. At Relatient, we are passionate about making a difference in healthcare by helping organizations better connect with patients and improve outcomes. How You’ll Make an Impact: - Act as primary contact for SOC II Audit, Security Risk Assessment, and Penetration Testing. - Create and maintain security policies and standards to meet HITRUST, HIPAA and SOC II requirements. - Manage, maintain, and review security policy, documentation, and auditing. - Manage the process of submitting customers’ security information and audit questionnaires. - Serves as a part of the Networks Operation team for technology and security support. - Educates staff on security requirements and best practices. - Collaborates with leadership on the development of security policies. - Works with staff, business partners, and leadership to help them understand potential application security risks and mitigation. - Stays connected with industry best practices and vendor-specific application methodologies. Qualifications - Bachelor’s degree in computer science or related field or equivalent work experience in lieu of a degree is required. - 8+ years of information security, cybersecurity, or IT experience required. - 3+ years in a senior security engineering or analyst role preferred. - CISSP, CISM, GIAC, or equivalent security certification strongly preferred. - Experience in HIPAA, SOC II, and NIST controls. - Direct experience with anti-virus software, intrusion detection, firewalls, and content filtering. - Knowledge of risk assessment tools, technologies, and methods. - Experience designing secure networks, systems, and application architectures. - Knowledge of disaster recovery, computer forensic tools, technologies, and methodology. - Experience planning, researching, and developing security policies, standards and procedures. - Professional experience in a system administration role supporting multiple platforms and applications. - Ability to communicate network security issues to peers and management. - Ability to read and use the results of mobile code, malicious code, and anti-virus software. Mindsets That Matter: - Act with purpose, focus, and accountability. - Collaborate across teams and communicate clearly. - Keep innovating and automate what slows you down. Travel Requirements: - Traveling up to 5% may be required. Pay & Perks: - The salary range for this role is $95,000- $135,000. - Final compensation depends on experience, skills, and location. Benefits - Medical, dental, and vision coverage. - Company-paid life and disability insurance. - HSA with employer contributions. - Employee Assistance Program (EAP). - 401(k) with company match. - Unlimited PTO, 10 paid holidays, and paid parental leave. Equal Opportunity at Relatient: We’re building a team as diverse as the communities we serve. Relatient is proud to be an equal opportunity employer. If you need accommodation during the application process, just let us know. Ready to Join Relatient? If you’re looking for work that matters and a team that makes it count, we'd love to hear from you! To join our team, you must live in one of the following states where we’re authorized to hire: Alabama, Arkansas, Florida, Georgia, Indiana, Kentucky, Missouri, New Jersey, North Carolina, Ohio, Oklahoma, South Carolina, Tennessee, and Texas.



