CoE | Centro de Excelência Votorantim

Senior Information Security Analyst - Incident Response

full-time

Location Type: Remote

Location: Brazil

About the role

  • Incident Management: Lead the technical response to complex security incidents (Ransomware, APTs, Insider Threats), from detection through post-incident lessons learned (Post-Mortem).
  • Threat Hunting: Perform proactive threat hunting across the network and endpoints, driven by hypotheses informed by Threat Intelligence.
  • Digital Forensics: Collect and analyze digital artifacts (memory, disk, logs) to reconstruct the attack timeline.
  • Detection Engineering: Develop and tune correlation rules in the SIEM and detection signatures (YARA, Snort/Suricata).
  • Automation (SOAR): Build playbooks and scripts (Python/PowerShell) to automate responses to repetitive alerts.
  • Mentorship: Support the technical development of junior and mid-level analysts (N1/N2).

Requirements

  • Proven Experience: Demonstrated experience in Blue Team, SOC, or CSIRT (minimum ~3 years recommended).
  • Frameworks: Proficiency with NIST CSF and, in particular, MITRE ATT&CK for mapping TTPs (Tactics, Techniques, and Procedures).
  • Operating Systems: Deep knowledge of Windows internals (Event Logs, Registry, Prefetch) and Linux internals (logs, kernel, Bash).
  • Defensive Tools: Hands-on experience with SIEM platforms (Splunk, Elastic, Sentinel, or QRadar) and EDR/XDR (CrowdStrike, SentinelOne, Microsoft Defender).
  • Networks: In-depth network traffic analysis (PCAP) using Wireshark or Zeek.

Benefits

  • Our offices are located in São Paulo and Curitiba.
  • We provide administrative support to the Votorantim Group's portfolio companies.
  • We believe talented professionals are everywhere; our opportunities are open to all, regardless of race, age, gender, sexual orientation, gender identity, and/or disability.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Incident Management, Threat Hunting, Digital Forensics, Detection Engineering, Automation, Python, PowerShell, NIST CSF, MITRE ATT&CK, Network Traffic Analysis

Soft Skills

Mentorship