Senior Cybersecurity Engineer at 3CON responsible for detection and response engineering in Brazilian pharmaceutical retail. Collaborating with teams and improving security controls continuously.
Responsibilities
Act as a Senior Cybersecurity Engineer with a leading technical role, serving as a reference in detection, response, and security engineering, supporting the continuous evolution of the organization’s security controls and defensive capabilities;
Engineer, maintain, and continuously improve security solutions such as SIEM, EDR/XDR, NDR, and incident response tools;
Lead and support security incident response activities, including root cause analysis, containment, eradication, and lessons learned;
Perform threat hunting activities, identifying anomalous behavior and advanced techniques, tactics, and procedures (TTPs);
Tune and optimize security tools to reduce false positives and increase detection effectiveness;
Support the creation and evolution of detection use cases, correlation rules, and response playbooks;
Work collaboratively with SOC, GRC, infrastructure, networking, and technology teams;
Participate in defining secure architectures and technical security requirements;
Support simulation exercises, readiness tests, and, where applicable, Purple Team initiatives;
Produce technical documentation, executive reports, and recommendations for continuous improvement;
Actively contribute to the organization’s cybersecurity technical and cultural maturity.
Requirements
Strong experience in security engineering and/or cybersecurity operations;
Hands-on knowledge of incident response, basic forensic analysis, and alert investigation;
Experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar) and EDR/XDR (e.g., Defender, CrowdStrike, SentinelOne);
Practical experience in threat hunting and TTP-based analysis (MITRE ATT&CK);
Ability to tune rules, alerts, and security policies;
Knowledge of networking, operating systems (Windows/Linux), and cloud security;
Strong technical communication skills and the ability to act as a reference for other analysts.
Behavioral Competencies:
Strong sense of responsibility and technical ownership;
Clear, concise, and risk-oriented communication;
Ability to perform under pressure during incident scenarios;
Collaborative, team-oriented mindset;
Cultural alignment, positive attitude, project and task management, vendor interaction skills, and organizational aptitude.
Preferred Qualifications:
Practical or conceptual experience with Purple Team methodology;
Knowledge of security automation and SOAR;
Experience in cloud environments (Azure, AWS, or GCP);
Certifications such as GCIA, GCED, GCIH, SC-200, AZ-500 or equivalents;
Knowledge of security and response frameworks (NIST CSF, NIST SP 800-61);
Experience with threat intelligence and use of external feeds.
Compliance & Information Security Analyst at beqom managing GRC and vendor risk management processes. Focused on ensuring compliance and data protection in a hybrid work setting.
Information Security Assistant with a focus on secure development and cybersecurity solutions at Financiera Oh, a key player in Peru's financial sector.
Security Analyst providing technical client support in Managed Security Services at CDW. Monitoring security alerts and incidents while fostering trust and loyalty with clients.
Information Security Analyst providing second-level support and managing security tools at NetSecurity. Collaborating with teams to mitigate risks and vulnerabilities through advanced troubleshooting.
Junior Information Security Analyst focused on detecting and remediating vulnerabilities and supporting incident response. Works with SIEM, EDR/XDR, vulnerability management and collaborates with SOC, Red Team and DevSecOps.
Analyst in cybersecurity at Unimed Nacional managing cloud security and assessing vulnerabilities in IT infrastructure. Leading strategic incident response and ensuring compliance with health regulations.
Cybersecurity Analyst in Red Team for Randoncorp focusing on evolving IT environments and security. Collaborating with multidisciplinary teams on challenging projects.
Senior Information Security Analyst ensuring the security of critical tech environments at Servix. Responsible for incident response, vulnerability management, and security controls implementation.
Senior Application Security Analyst ensuring application and infrastructure security for a European AI cloud. Collaborating with teams to build defenses and mitigate vulnerabilities in a hands-on role.