Sr. Cyber Security Analyst (CSIRT)
Suggest improvements, create documentation of playbooks, runbooks and use cases.
Have ability to identify and classify key threats targeted at the business in order to take preventive measures and improve the detection and response process.
Your responsibilities will be:
- Manage Incident Response Plans;
- Develop strategies for threat detection;
- Build mechanisms to automate incident response activities;
- Thorough analysis of incidents, in order to do threat hunting;
- Follow-up and treatment of Threat Intelligence cases;
- Performing the construction and improvement of Playbooks;
- Assemble and direct WAR ROOM actions to contain incidents
- Conduct technical assessments of new cyber threats, such as attack tools, TTP, exploits, malware, etc.
- Provides the necessary technical support for cyber incident response investigations, including containment, eradication and remediation activities from initiation to conclusion with continuous monitoring.
- Update and adapt incident response manuals to address the use cases that are part of the CSIRT scope.
- Maintain technical and executive communication for the opening, follow-up and closing of any security incident.
- Experience in the Incident Response area;
- Experience with script development and automation tools, with a focus on incident response;
- Experience in documenting/ creating reports with details about the incidents;
- Knowledge in handling vulnerabilities using CVE, CVSS, Exploits, etc;
- Have knowledge in SIEM & SOAR tools;
- Solid knowledge in security frameworks such as Nist, Mitre, CIS, Kill Chain, etc;
- Experience investigating security incidents involving malware, data leakage and other artifacts;
- Knowledge in threat intelligence process;
- Malicious software, Phishing and malicious URLs analysis;
- Advanced log analysis;
- Develop, monitor and update metrics related to the progress of activities and their effectiveness, using the actions taken, in order to monitor results and propose improvements in processes;
- Develop research in information security, using reference materials or tools in the market, looking to constantly raise the level of maturity of information security throughout the company;
- Excellent communication skills;
- A background working in a regulated industry such as financial services;
- Experience with Amazon Web Services;
- AWS Cloud Security Certification;
- Certifications in the security field will be a plus.
- Knowledge in Networking (CCNA certificate preferred).
- Knowledge in Python or similar languages.
- Medical and dental assistance - You don't have to worry about co-participation fees. Here our RecargaPayers have access to excellent hospitals throughout Brazil, without worrying about discounts at the end of the month.
- Life insurance - Because we know that your life is worth a lot <3
- Flexible Meal voucher - What does it mean? You can choose how you want to spend your $$ in Lunch, Market, Pharmacy, Courses, Mobility, Education ... yes, lots of possibilities.
- TotalPass - Healthy mind, healthy body.
- Money in your RecargaPay Wallet monthly - To pay for that one bill and still have cashback. And specially to tell us how we can improve even more.
- Spanish lessons - Sí, acá trabajamos aprendiendo.
- Up to 70% discount on English courses - Why not be trilingual?
- Discount in Universities for Undergraduate, Graduate and MBA courses - Knowledge is never too much, is it?
- No Dress-Code - Here you can be YOU!
Diversity and Authenticity at RecargaPay
We are a company formed by dream-makers. That challenges the status quo, the market, and the “always been like this” thing. That proposes the new, the different, that will, in fact, make a difference.
And we are doing it all because we are diverse. We are women, men and non-binaries, LGBTQIA + and heterosexuals, trans, cis and fluid gender. White, black, yellow and multicolored. Young, mature, with and without disabilities. And without defined patterns.
We are authentic. We are talented. Authenticity is what moves us.
That's why here at RecargaPay you are free to be who you are, every single day.
The use of your Data
The candidate, when sending the curriculum with personal and professional data to participate in RecargaPay's recruitment and selection process, is aware that the data will be used for the necessary analysis and validations throughout the recruitment process and for hiring, if necessary, as well as authorizes RecargaPay to share the curriculum data with other companies in the RecargaPay group in case opportunities arise in line with the candidate's profile.
In compliance with Law 13.709 / 18, LGPD - General Data Protection Law, the candidate may ask for the updating, rectification and modification of his information during the recruitment and selection process, or, still, request the non-use of the data under the terms applicable law.