3CON Consultoria e Sistemas

Senior Information Security Analyst

full-time

Location Type: Hybrid

Location: São Paulo, Brazil

About the role

  • Act as a Senior Cybersecurity Engineer with a leading technical role, serving as a reference in detection, response, and security engineering, supporting the continuous evolution of the organization’s security controls and defensive capabilities;
  • Engineer, maintain, and continuously improve security solutions such as SIEM, EDR/XDR, NDR, and incident response tools;
  • Lead and support security incident response activities, including root cause analysis, containment, eradication, and lessons learned;
  • Perform threat hunting activities, identifying anomalous behavior and advanced techniques, tactics, and procedures (TTPs);
  • Tune and optimize security tools to reduce false positives and increase detection effectiveness;
  • Support the creation and evolution of detection use cases, correlation rules, and response playbooks;
  • Work collaboratively with SOC, GRC, infrastructure, networking, and technology teams;
  • Participate in defining secure architectures and technical security requirements;
  • Support simulation exercises, readiness tests, and, where applicable, Purple Team initiatives;
  • Produce technical documentation, executive reports, and recommendations for continuous improvement;
  • Actively contribute to the organization’s cybersecurity technical and cultural maturity.

Requirements

  • Strong experience in security engineering and/or cybersecurity operations;
  • Hands-on knowledge of incident response, basic forensic analysis, and alert investigation;
  • Experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar) and EDR/XDR (e.g., Defender, CrowdStrike, SentinelOne);
  • Practical experience in threat hunting and TTP-based analysis (MITRE ATT&CK);
  • Ability to tune rules, alerts, and security policies;
  • Knowledge of networking, operating systems (Windows/Linux), and cloud security;
  • Strong technical communication skills and the ability to act as a reference for other analysts.

Behavioral Competencies:

  • Strong sense of responsibility and technical ownership;
  • Clear, concise, and risk-oriented communication;
  • Ability to perform under pressure during incident scenarios;
  • Collaborative, team-oriented mindset;
  • Cultural alignment, positive attitude, project and task management, vendor interaction skills, and organizational aptitude.

Preferred Qualifications:

  • Practical or conceptual experience with Purple Team methodology;
  • Knowledge of security automation and SOAR;
  • Experience in cloud environments (Azure, AWS, or GCP);
  • Certifications such as GCIA, GCED, GCIH, SC-200, AZ-500 or equivalents;
  • Knowledge of security and response frameworks (NIST CSF, NIST SP 800-61);
  • Experience with threat intelligence and use of external feeds.
Benefits
  • Health Insurance
  • Dental Insurance
  • Meal Allowance
  • Life Insurance
  • Childcare Assistance
  • Support for Dependents with Disabilities
  • Training
  • Certification Incentive
  • Running Incentive
  • Partnerships with Universities
  • Partnerships with Language Schools
  • Digital Work Environment
  • TotalPass
  • Use of Cutting-Edge Technology
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
security engineering, incident response, forensic analysis, threat hunting, TTP-based analysis, rule tuning, alert investigation, cloud security, networking, operating systems
Soft Skills
technical communication, responsibility, technical ownership, risk-oriented communication, perform under pressure, collaborative mindset, positive attitude, project management, task management, organizational aptitude
Certifications
GCIA, GCED, GCIH, SC-200, AZ-500