Riachuelo

Senior Blue Team Analyst – CSIRT

Riachuelo

full-time

Posted on:

Location Type: Hybrid

Location: São PauloBrazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

Linux

About the role

  • Preparation: Develop incident response policies, procedures and plans.
  • Detection and Analysis: Monitor systems to identify and investigate potential security incidents. This may involve analysis of security logs, network traffic and security alerts.
  • Containment and Eradication: Take measures to contain incidents and prevent further spread.
  • Recovery: Restore affected systems and ensure they return to normal operation. This includes service restoration and review of security controls.
  • Post-Incident Analysis: Conduct detailed incident analysis to identify lessons learned and implement improvements to prevent future incidents.
  • Incident Reporting and Documentation: Draft detailed incident reports following company documentation standards and maintain organized records for future reviews and audits.
  • Forensic Analysis and Investigation: When a security incident occurs, perform forensic analysis to determine root cause, identify attackers and collect evidence for potential legal action. This detailed analysis helps prevent future incidents and improves existing security measures.
  • Policy and Procedure Development: Contribute to the development and implementation of information security policies and procedures. This includes creating security guidelines, configuration standards, best practices and security controls to ensure compliance with regulations and standards;
  • Improvement Recommendations: Propose adjustments to processes, policies and security controls based on lessons learned from incident analyses to enhance resilience against threats.

Requirements

  • Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Systems or related IT fields.
  • Postgraduate specialization such as an MBA or other advanced degrees.
  • Minimum of 6 years' experience working in Information Security, including at least 3 years in security engineering and architecture of security solutions.
  • Information security certifications such as ISO/IEC 27001, ITIL, Security+ and relevant security product certifications.
  • Languages: Advanced English.
  • Relevant professional courses in the field.
  • Advanced knowledge of: ISO/IEC 27002, NIST CSF, ISA-62443, MITRE ATT&CK.
  • Incident Monitoring and Detection: Experience with monitoring and incident response tools such as SIEM, EDR/XDR.
  • Log Analysis and Digital Forensics: Proficiency in log analysis and conducting forensic investigations on systems.
  • Threat Management and Control: Knowledge of threat modeling and attack techniques and mitigations.
  • Operating Systems: Windows / Linux.
  • Networks, infrastructure and secure and insecure protocols.
Benefits
  • Health insurance
  • Dental insurance
  • Meal voucher
  • Food allowance
  • Gympass
  • Childcare assistance
  • Culture voucher
  • Home office allowance
  • Profit sharing (PLR)
  • Private pension plan
  • Group life insurance
  • Educational partnerships
  • Discounts at Riachuelo

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
incident responseforensic analysislog analysissecurity engineeringsecurity architecturethreat modelingattack techniquesdigital forensicsservice restorationsecurity controls
Soft skills
communicationorganizational skillsanalytical skillsproblem-solvingattention to detailcollaborationadaptabilitycritical thinkingreport writingprocess improvement
Certifications
ISO/IEC 27001ITILSecurity+ISO/IEC 27002NIST CSFISA-62443MITRE ATT&CK