Description

JOB DESCRIPTION:
The security incident and event analyst, a.k.a Incident Handler, shall be responsible for real-time monitoring and response of security threats and vulnerabilities in cybersecurity.

In the Security Incident and Event Management process, this role requires the ability to analyze events, vulnerability findings, logs and other data sources, in order to determine root causes of security events, providing recommendation to resolve the events, accordingly with established policies and best practices. This ability should include both operational and management perspectives. Furthermore, has to be capable of deep analysis of security incidents including but not only forensics processes.

MAIN RESPONSIBILITIES:

• Analyze security incidents, alerts and events, to provide recommendation on action to address such issues;
• Perform the necessary activities to ensure immediate, short-term resolution of incidents, to minimize production down time and risk exposure;
• Provide support to ensure rapid resolution of incidents, through an incident response platform, which enables the security analyst to track their resolution process;
• Maintain a pro-active attitude and a communicative relationship with clients and management, to provide information throughout the incident life-cycle;
• Pro-actively monitor clients' infrastructure, using specialized security application and private privileged information feeds;
• Hands on troubleshooting, analysis, and technical expertise to resolve security incidents and client requests;
• Execute and manage vulnerability assessments;
• Provide comprehensive and accurate reports about incident response for Manager and Client;
• Possible participation in after hours on-call rotation.

REQUIREMENTS:

• 1+ years of work experience in information security, especially in the fields of incident response, incident handling and digital forensics;
• Previous experience in troubleshooting day-to-day operational processes such as report generation, data verification, data correlation, etc.
• Understanding of UNIX based operating systems, including system installation / configuration, file system concepts, resource monitoring, user administration, package management, and process control/management;
• Familiarity with protocols and services, such as TCP/IP, SIP , DNS , DHCP , LDAP , SMTP, IMAP, HTTP, SMB, FTP, etc.
• Strong working knowledge of security tools such as firewalls, IDS/IPS, A/V and endpoint security tools, anti-spam, common incident response technology, vulnerability assessment tools, network device and system hardening, etc
• Good scripting and task automation skills;
• Ability to learn and operate in a dynamic environment;
• Ability to work as a member of a team;
• Languages:
  • English (Spoken and Written): Mandatory
  • Portuguese (Spoken and Written): Mandatory
• Bachelor or master degree is a plus
• Technical certifications are a plus.

HOW TO APPLY: If you have some or all of the above skills and experience, then please apply by emailing your updated CV to [email protected]