Cyber Defense Technical Lead

ISH Tecnologia
Posted 4/20/2026 · Full-time · Vitória, Brasil · Senior

Tech Stack

Tools & technologies
  • AWS
  • Azure
  • Cloud
  • DNS
  • Google Cloud Platform
  • Linux
  • Splunk
  • TCP/IP

About the role

Key responsibilities & impact
  • Act as the primary technical reference for SOC operations, supporting N1 and N2 analysts in conducting security investigations.
  • Perform advanced technical analysis of complex incidents, including root cause identification, impact assessment, and attack vector determination.
  • Correlate events from multiple sources (SIEM, EDR/XDR, network logs, system logs and other security tools) to build threat scenarios.
  • Provide technical guidance on containment, mitigation, and incident response actions.
  • Ensure the technical quality of analyses performed by the SOC, reviewing investigations when necessary.
  • Ensure adherence to the defined processes, procedures and playbooks for the operation.
  • Identify opportunities to improve detection mechanisms and support the creation and evolution of correlation rules in the SIEM.
  • Work to reduce false positives and increase the SOC’s operational efficiency.
  • Propose and implement continuous improvements to operational processes, playbooks and runbooks.
  • Collaborate with Security Engineering and DFIR teams to evolve detection and response capabilities.
  • Provide technical support for the analysis of relevant incidents to management (supervisors and managers).
  • Promote sharing of technical knowledge and best practices within the team.
  • Document relevant technical analyses and contribute to the evolution of the operation’s documentation.
  • Support the preparation of technical reports on security incidents.

Requirements

What you’ll need
  • Hands-on experience with SIEM platforms (e.g., Securonix, Splunk, IBM QRadar, Microsoft Sentinel or similar), including creating and tuning correlation rules.
  • Experience with EDR/XDR solutions (e.g., Microsoft Defender, CrowdStrike, SentinelOne).
  • Experience analyzing security logs from multiple sources:
      • Operating systems (Windows/Linux)
      • Network devices (firewalls, proxies, IDS/IPS)
      • Applications and cloud services
  • Knowledge of network protocols (TCP/IP, DNS, HTTP/HTTPS) and traffic analysis.
  • Familiarity with investigation and analysis tools, such as:
      • Threat Intelligence platforms
      • Sandboxes
      • Forensic analysis tools (basic to intermediate)
  • Experience integrating security tools and ingesting logs.
  • Knowledge of cloud environments (Azure, AWS or GCP) and their security logs.
  • Advanced incident investigation capabilities (analysis, correlation and response).
  • Strong log analysis skills and the ability to identify attack patterns.
  • Experience reducing false positives and optimizing alerts.
  • Practical knowledge of security frameworks and methodologies, such as:
      • MITRE ATT&CK
      • NIST
      • CIS Controls
  • Ability to create and evolve:
      • Detection use cases
      • Incident response playbooks and runbooks
  • Structured thinking for analyzing complex scenarios and identifying root causes.

Benefits

Comp & perks
  • Health plan with no monthly fee for you (cost-sharing);
  • Dental plan with no monthly fee for you;
  • Life insurance;
  • Pipo Saúde: Digital health and corporate benefits broker;
  • Zenklub: Emotional health and well-being platform, with special discounts;
  • TotalPass: Platform that connects you to various networks to support your and your family’s well-being.
  • Private pension plan;
  • Commuter allowance;
  • Meal or food allowance;
  • Birthday day off: How about a day off during your birthday month?
  • Casual ISH – Comfort and professionalism together: choose an outfit that reflects your well-being while respecting the workplace;
  • Morning and afternoon fruit breakfasts to boost energy for in-person routines!
  • Employee referral program with cash bonuses;
  • Onboarding kit: We prepare a Super kit to support your day-to-day at work.
  • Deeplearning: Our Corporate University - a space dedicated to continuous development of our employees, with courses, training and workshops focused on professional and personal improvement;
  • Opportunity for professional growth;
  • Culture of feedback and development;
  • Exclusive leadership program;
  • Here you’ll find a relaxed environment that breathes innovation; our leadership is accessible! Doors are always open and you can find them walking the company corridors.

ATS Keywords
Hard Skills & Tools
  • SIEM
  • EDR
  • XDR
  • Log analysis
  • Incident investigation
  • Correlation rules
  • Network protocols
  • Traffic analysis
  • Security frameworks
  • Detection use cases

Soft Skills
  • Technical guidance
  • Collaboration
  • Documentation
  • Continuous improvement
  • Root cause analysis
  • Problem-solving
  • Knowledge sharing
  • Communication
  • Organizational skills
  • Analytical thinking