Cyber Defense Analyst – Purple Team

ISH Tecnologia

full-time

Posted on: 2/2/2026

Location Type: Remote

Location: Brasil

Visit company website

Explore more

Analyst jobs

✨ AI Apply

Apply

Job Level

Mid-Level Senior

Tech Stack

Python

About the role

Structure exercises based on MITRE ATT&CK techniques.
Map attack scenarios against existing defenses.
Work with Red and Blue teams to define objectives, rules, and expectations for exercises.
Execute controlled attacks such as phishing, lateral movement, remote execution, credential harvesting, etc.
Reproduce tactics, techniques, and procedures (TTPs) used by real APT groups.
Create automations or scripts to reproduce complex attacks.
Identify gaps and collect evidence of detection and prevention failures.
Work with specialist teams to fine-tune or create new policies.
Evaluate the quality of detections (alerts, rules, correlations).
Create or update detection rules (KQL, Sigma, YARA, etc.).
Help improve response and containment processes.
Assist in building realistic attack chains.
Ensure the Red Team uses techniques aligned with the environment and exercise objectives.
Document:
Detected techniques
Detection gaps
Current coverage vs. expected coverage
Create coverage matrices (heatmaps) for the organization.
Create response playbooks for use cases developed during Purple research and exercises.
Map how the Blue Team should act when new techniques are detected.
Document complete attack and defense scenarios.
Consume and apply intelligence information to:
Update exercise TTPs
Model threats relevant to the industry
Identify new attack surfaces and vectors
Link strategic and operational intelligence.
Produce Technical and Executive Reports.
Conduct research related to techniques used by offensive groups by industry segment.
Communicate results to both technical teams and management.
Create a continuous cycle of: attack simulation / detection assessment / defense remediation / new test.
Promote integration between security teams.

Requirements

Experience in security incident response.
Experience analyzing logs from SIEM, XDR, and Firewall tools.
Knowledge of automated vulnerability scanners.
Proficiency in Python, Bash and other scripting languages.
Knowledge of security frameworks.
Advanced English.
The following certifications are a plus: CompTIA Security+, OSCP, CEH.

Benefits

Health plan with no monthly fee for you (co-participation).
Dental plan with no monthly fee for you.
Life insurance.
Pipo Saúde: Digital health and corporate benefits broker.
Zenklub: Emotional health and well-being platform with special discounts.
TotalPass: Platform that connects you to various networks to support your (and your family’s) well-being.
Private pension plan.
Transportation allowance.
Meal or food allowance.
Birthday day off: Enjoy a day off during your birthday month.
Casual-ish dress code – Comfort and professionalism go hand in hand: choose an outfit that reflects your well-being while respecting the work environment.
Breakfast and afternoon fruit provided to energize your in-office routine.
Employee referral program with cash bonuses.
Onboarding kit: We prepare a comprehensive kit to support your daily work.
Deeplearning: Our Corporate University — a space dedicated to continuous development with courses, trainings and workshops for professional and personal growth.
Opportunity for professional growth.
Culture of feedback and development.
Exclusive leadership program.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

MITRE ATT&CK techniquesKQLSigmaYARAPythonBashautomated vulnerability scannerssecurity frameworksattack simulationdetection assessment

Soft Skills

communicationcollaborationdocumentationanalytical thinkingproblem-solvingteamworkadaptabilityattention to detailreportingstrategic thinking

Certifications

CompTIA Security+OSCPCEH