Location: São Paulo, State of São Paulo, Brazil. Format: On-site. This role requires both in-person and 12x36 shift work.
Location
São Paulo - SP
On-site
Responsibilities
- Alert Monitoring & Queue Management: Actively monitor SIEM, EDR, and cloud security consoles to identify suspicious activity.
- Validation & Classification: Distinguish between false positives and true security incidents.
- Incident Enrichment: Perform initial "deep dives" on alerts by collecting relevant evidence (logs, process trees, network traffic, and metadata).
- Initial Containment (Tier 1 Response): Execute standardized playbooks for immediate threat mitigation, such as isolating compromised hosts, revoking session tokens or blocking malicious IPs/domains to minimize "blast radius."
- Seamless Escalation: Draft high-quality hand-off reports for the CSIRT squad, ensuring all technical indicators (IOCs) and initial findings are clearly documented to reduce Mean Time to Respond (MTTR).
- External Threat Screening: Monitor Dark Web, social media, and phishing repositories for targeted campaigns, performing the initial triage of leaked credentials or mentions of the company.
Requirements
- Bachelor's degree in Computer Science, Computer Engineering, or related fields.
- At least 1 year of experience in a SOC or Incident Response environment, specifically handling high-volume alert queues.
- Fluency in Portuguese and English is mandatory for technical reporting and global collaboration.
- Proficiency in analyzing logs from multiple sources (Windows/Linux Event Logs, Firewall, Proxy, AWS/Azure/GCP, and O365).
- Solid understanding of TCP/IP, DNS, HTTP/S, and common attack vectors (DDoS, SQLi, Brute Force).
- Familiarity with SIEM/EDR platforms and triage-assistance tools (e.g., VirusTotal, Any.Run, URLScan, Joe Sandbox, AbuseIPDB).
- Understanding of the MITRE ATT&CK framework to categorize observed attacker behavior during the triage process.
Working hours
This role requires both in-person and 12x36 shift work.
About the company
All employees are expected to display behaviours reflective of our company values: Integrity and Ethics, Collaboration and Teamwork, Commitment to People and Professionalism and Excellence.