Information Security Specialist
SEK Security Ecosystem Knowledge
full-time
Posted on:
Location Type: Hybrid
Location: Barueri • 🇧🇷 Brazil
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AWSAzureCloudDNSGoogle Cloud PlatformLinuxPythonSplunkTCP/IP
About the role
- Monitor and analyze security alerts in real time
- Investigate and respond to security incidents
- Perform analysis of logs and security events
- Document incidents and prepare technical and executive reports
- Manage the Qualys platform (scans, asset validation, vulnerability analysis)
- Conduct vulnerability testing and risk analysis
- Prioritize remediation based on criticality and business impact
- Track remediation plans with infrastructure and development teams
- Implement and monitor CIS Benchmarks controls
- Harden operating systems (Windows/Linux)
- Assess network configurations and segmentation
- Ensure compliance with security standards
- Develop scripts to automate repetitive tasks
- Identify opportunities to improve processes
- Implement solutions to increase operational efficiency
Requirements
- Experience with CIS Benchmarks (deep expertise is a critical differentiator)
- Vulnerability management (preferably with Qualys)
- Windows and Linux operating systems
- Network and protocol analysis (TCP/IP, DNS, HTTP/HTTPS)
- Incident response and security investigation
- SIEM tools (Splunk, QRadar, Sentinel) are a plus
- Scripting languages (Python, PowerShell, Bash)
- Security frameworks (NIST, ISO 27001, MITRE ATT&CK)
- Certifications: CompTIA Security+, CEH, GCIH, or similar
- Experience in SOC/CSIRT
- Knowledge of cloud security (AWS, Azure, GCP)
- Technical English
Benefits
- Technical security consulting for internal and external clients
- Technical meetings
- Security assessments
- Recommendations based on industry best practices
- Monitoring the evolution of clients' security maturity
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
vulnerability managementCIS Benchmarksnetwork analysisprotocol analysisincident responsescripting languagessecurity frameworkscloud securityoperating systemsvulnerability testing
Soft skills
process improvementoperational efficiencycommunicationdocumentation
Certifications
CompTIA Security+CEHGCIH