Kidde Global Solutions

Cyber Security Specialist (Especialista Cyber Segurança)

Location: SP, BR
Posted 1 month ago
Work arrangement: hybrid

Job Description

Role Summary

The Cyber Security Analyst is a hands-on, senior technical role responsible for leading and executing cyber incident response activities across the enterprise. This role requires deep experience detecting, investigating, containing, eradicating, and recovering from security incidents, as well as operating and optimizing modern security platforms. The ideal candidate has 5+ years of direct incident response experience, has led real-world cyber incidents end-to-end, and is comfortable operating in high-pressure environments while coordinating with SOC, IT, cloud, OT, identity, and business stakeholders. This role also plays a key part in SOC maturity, including alert quality improvement, metrics development, and playbook execution.

Key Responsibilities

Incident Response & Operations
- Lead and execute response activities for security incidents and cyber intrusions, including malware, ransomware, phishing, identity compromise, cloud security events, and OT-related incidents.
- Act as an incident commander or senior responder during high-severity incidents, coordinating response activities across SOC, IT, Infrastructure, Cloud, Identity, OT, and third-party providers.
- Perform advanced investigation and root cause analysis using EDR, SIEM, email security, vulnerability management, DNS, certificate, and network telemetry.
- Drive containment, eradication, and recovery actions, ensuring incidents are fully resolved and documented.
- Support post-incident reviews, lessons learned, and corrective action planning.

Security Tooling – Hands-On Expertise
- Operate and tune CrowdStrike EDR for threat detection, host containment, investigation, and remediation.
- Investigate email-based threats using Proofpoint Email Security Gateway, including phishing, BEC, malware, and impersonation attacks.
- Conduct threat detection and correlation within Sophos Taegis SIEM, leveraging alerts, telemetry, and custom detections.
- Utilize Tenable One Vulnerability Management to support incident investigations, exposure analysis, and remediation prioritization.
- Perform security testing and risk identification using:
  - Tenable One Web Application Scanning
  - Tenable One CNAPP (cloud posture and workload security)
  - Tenable One OT Security
- Support certificate- and identity-related investigations involving PKI and DigiCert.
- Analyze DNS- and network-based threats using Infoblox BloxOne Security.

Playbooks, Process & SOC Maturity
- Develop, execute, and continuously improve incident response playbooks for common and high-risk attack scenarios.
- Ensure playbooks align with incident severity, escalation paths, and business impact.
- Improve SOC effectiveness by driving alert fidelity, response consistency, and automation opportunities.

Metrics & Continuous Improvement
- Define, implement, and maintain SOC and incident response metrics with a focus on:
  - Reducing alert fatigue
  - Improving Mean Time to Detect (MTTD)
  - Improving Mean Time to Respond (MTTR)
- Analyze trends in alerts, incidents, and response performance to identify improvement opportunities.
- Present actionable metrics and insights to SOC leadership and security stakeholders.

Required Experience & Skills
- 5+ years of hands-on experience in Security Operations and Incident Response.
- Proven track record leading cyber incidents, not just assisting or escalating them.
- Strong hands-on experience with:
  - CrowdStrike EDR
  - Proofpoint Email Security Gateway
  - Sophos Taegis SIEM
  - Tenable One (Vulnerability Management, Web App Scanning, CNAPP, OT Security)
  - PKI and DigiCert certificate services
  - Infoblox BloxOne Security
- Strong understanding of attacker tactics, techniques, and procedures (TTPs), including malware, ransomware, phishing, credential abuse, and cloud attack paths.
- Ability to operate under pressure, prioritize effectively, and communicate clearly during incidents.
- Strong documentation and communication skills for incident reporting and executive-level summaries.
- English: Advanced

Education (Preferred)
- Bachelor's Degree in Computer Science, Information Security, or a related field (or equivalent practical experience)

Certifications (Preferred or In Progress)
- CISSP
- CISM
- CEH
- Incident Response–focused certifications
- Microsoft Security certifications
