Geekhunter Logo

Solutions

Recruitment Software

Post jobs, import profiles, add screening questions, and manage hiring all in one place with personalized questions and control the entire recruitment process.

Recruitment Service

Let our expert team handle the key stages of tech recruitment for you with our specialized team acting in the main stages of recruitment.

Talent Pool

Top-tier Brazilian tech professionals, pre-vetted and ready for action, all pre-selected and ready for new opportunities.

Our Plans

Discover the perfect plan for your needs.

Login

English

EN

Nava Technology for Business


São Paulo, SP, Brasil

Show original

Cybersecurity Analyst III

Hybrid

Brasil

Salary Range

Not informed

Full Time Employee

Experience Level

Senior

Requirements

5+ years of experience in the career
Inglês advanced
ISO 27002
OWASP
MITRE ATT&CK
NIST Cybersecurity Framework
FortiGate
Fortinet
CWE
CIS Controls
Cloudflare
MFA
CATO Networks
Cloud Security
OWASP Top 10
Linux
Azure
Akamai
TCP/IP
IBM QRadar
DNS
Proxy
SSO
SMTP
HTTP/HTTPS
Secrets Management
Load Balancer
ISO 27001
AWS
CVSS
IAM
Windows Server
Vulnerability Management
Reverse Proxy
API Security

Tasks and Responsibilities

Show original

About the role:

We are seeking a Senior Information Security Analyst to protect the organization's digital assets, ensuring high levels of security, availability, and compliance across corporate environments.


This professional will be responsible for administering, maintaining, monitoring, and evolving security controls, working directly with solutions for application protection, perimeter security, secure access, threat monitoring, incident response, and infrastructure hardening.


Key responsibilities:

  • Administer and support security platforms for networks, applications, and secure access.
  • Operate and evolve protection environments using solutions such as Akamai, Cloudflare, CATO Networks, and Fortinet.
  • Perform analysis, investigation, and response to security incidents.
  • Work on the identification, containment, eradication, and recovery of security events.
  • Execute Threat Hunting activities and analyze Indicators of Compromise (IoCs).
  • Support internal and external audits related to information security.
  • Participate in security architecture projects for new applications and services.
  • Manage WAF rules, DDoS protection, CDN, DNS Security, and Zero Trust.
  • Monitor events via SIEM platforms and observability tools.
  • Develop and review security procedures, policies, and standards.
  • Collaborate with infrastructure, cloud, DevOps, and development teams to implement security controls.
  • Implement best practices based on frameworks such as ISO 27001, ISO 27002, CIS Controls, NIST Cybersecurity Framework, MITRE ATT&CK, and OWASP.

Mandatory requirements:

  • Solid experience in at least two perimeter and application security platforms, such as Akamai, Cloudflare, or CATO Networks.
  • Advanced experience with Fortinet Firewalls (FortiGate), SSL/IPSec VPN, FortiAnalyzer, and FortiManager.
  • Knowledge of TCP/IP, DNS, HTTP/HTTPS, Proxy, SMTP, Load Balancer, and Reverse Proxy.
  • Proven experience with IBM QRadar, event correlation, creating Use Cases, detection rules, and alert investigation.
  • Experience with Linux (RedHat, CentOS, Ubuntu) and Windows Server, including Active Directory, GPO, and event auditing.
  • Knowledge in Vulnerability Management, OWASP Top 10, CWE, CVSS, MITRE ATT&CK, API security, cloud security, IAM, MFA, SSO, and Secrets Management.
  • Experience with cloud providers Azure and AWS.
  • Bachelor's degree completed in Information Security, Computer Science, Information Systems, Computer Engineering, or Computer Networks.

Differentials:

  • Experience in SOC Level 2 or Level 3.
  • Experience in large-scale corporate environments.
  • Knowledge in DevSecOps.
  • Automation with Python, PowerShell, or Bash.
  • Knowledge in SOAR.
  • Experience with vulnerability management (Qualys, Tenable, Rapid7).
  • Knowledge in application and API security.
  • Knowledge in hybrid and multicloud environments.
  • Advanced English.
  • Graduate degree or specialization in Information Security.
  • Certifications such as CISSP, CISM, CCSP, CompTIA Security+, CompTIA CySA+, Fortinet NSE 4/5, Akamai Security Certified, Cloudflare Security Certifications, CrowdStrike Falcon Certification, QRadar Certified Associate, or QRadar Certified Analyst.

Additional information:

Hybrid work model in Alphaville.

Working hours: Monday to Friday, from 09:00 to 18:00.


How to apply:

Interested? Apply for the role and complete your technical interview with SophIA:

https://entrevista.starmindai.ai

Job code: NAVA-305054

Share job:

Share job: