FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates foundational knowledge in information security principles, including the CIA triad, and practical experience with security tools and processes. Proficient in user access management, vulnerability assessment, and incident response, with a commitment to continuous learning and collaboration.
Highest-signal resume keywords
Information Security FundamentalsVulnerability AssessmentUser Access ManagementIncident ResponseSecurity Awareness Campaigns
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Security Information and Event Management (SIEM)Endpoint Detection and Response (EDR)Network Protocols (TCP/IP, DNS, HTTP/S)Windows AdministrationLinux AdministrationVulnerability ScanningIndicators of Compromise (IoCs)Data Loss Prevention (DLP)Access ManagementTechnical Evidence Collection
Soft Skills
Communication SkillsInterpersonal SkillsCollaborationMentorship OpennessDiscipline
Tools & Technologies
Google SecOpsAny.RunActive DirectoryAzure ADKnowBe4
Certifications & Qualifications
CompTIA Security+Exin ISFSISO/IEC 27001 FoundationAWS Cloud PractitionerAzure Fundamentals (AZ-900)
Industry Keywords
ConfidentialityIntegrityAvailability (CIA)PhishingMalwareLeast PrivilegeTechnical Security EvidenceLGPDIT Risk MappingSocial Engineering
Tech Stack
Tools & technologiesAWSAzureCloudDNSLinuxTCP/IP
About the role
Key responsibilities & impact- Perform continuous monitoring and triage of security alerts generated by the SIEM (Google SecOps or similar), EDR, and perimeter tools;
- Assist with initial validation of vulnerabilities discovered by automated scans, recording findings to support the team's remediation plans;
- Support the simulation of basic attack tactics and techniques based on industry frameworks (such as MITRE ATT&CK), helping validate that internal alerts and detection rules are functioning;
- Assist with preliminary analysis of suspicious emails (phishing) and artifacts in controlled sandbox environments (such as Any.Run), extracting initial indicators of compromise (IoCs) under supervision;
- Support monitoring of basic secure web gateway (SWG) rules, content filtering, and data loss prevention (DLP) incidents;
- Support operational execution of user access review campaigns, assisting with extraction of directory reports (Active Directory/Azure AD) and following up with managers for responses;
- Assist in provisioning and basic auditing of logical accounts, helping ensure the practical application of the principle of least privilege;
- Act as support in the collection, organization, and sanitization of technical security evidence to meet internal/external audits and LGPD (Brazilian General Data Protection Law) requirements;
- Collaborate in maintaining asset inventories, basic IT risk mapping, and third-party security assessment questionnaires;
- Support operational execution of information security awareness campaigns, assisting with configuration and launching of social engineering (phishing) simulations using tools like KnowBe4;
- Promote security best practices, privacy, and responsible credential use in day-to-day operations, serving as a point of contact for basic questions for new hires (onboarding) and technology teams;
- Actively pursue technical development through mentorship from more experienced team members (Senior Analysts and Specialists), absorbing knowledge in detection engineering, incident response, and corporate governance.
Requirements
What you’ll need- Bachelor's degree in progress or completed in Systems Analysis, Information Security, Computer Science, Computer Engineering, Computer Networks, or related fields;
- Fundamental knowledge of information security: understanding of the Confidentiality, Integrity, and Availability (CIA) triad, plus basic concepts of vulnerabilities and common threats (such as phishing and malware);
- Basic knowledge of networks and operating systems: understanding how network protocols (TCP/IP, DNS, HTTP/S) work and basic navigation/administration in Windows and Linux environments;
- Familiarity with access management concepts: understanding the principle of least privilege and the lifecycle of user accounts in corporate environments;
- Initial experience or practical exposure (including internships, technical support, service desk, infrastructure operations/NOC, or related IT areas), demonstrating affinity for technology routines;
- Experience handling tickets or providing user support, demonstrating good communication and interpersonal skills to resolve operational questions;
- Familiarity with performing structured routines, such as filling asset inventories, extracting basic system reports, collecting logs, or organizing documents;
- Track record of collaborative work, showing openness to receive technical mentorship, ability to learn quickly, and discipline to follow processes established by leadership.
- Entry-level or foundational certifications that demonstrate genuine interest and pursuit of specialization in the area, such as: CompTIA Security+, Exin ISFS, ISO/IEC 27001 Foundation, or fundamental cloud credentials (AWS Cloud Practitioner / Azure Fundamentals - AZ-900).
Benefits
Comp & perks- Meal voucher
- Health and dental insurance
- Gympass
- Birthday day off
- Psychological counseling/support
- Transportation voucher
