Grupo QuintoAndar | Senior Security Engineer (Incidents)QuintoAndar was born to do something very rewarding: open doors. We opened doors for technology to be part of living. And, through it, we simplify and reduce the bureaucracy of the experience of those looking for a new home. Thus, we became the most valuable proptech in Latin America, leading the real estate market in around six countries and more than 75 cities around the globe.To make all this happen, we have more than 4,000 talented people, working with cutting-edge technology and best design practices to ensure a seamless experience throughout the sales and rental process, combined with smart financial products. Here you will work with the best professionals in the market, in an environment that breathes innovation, collaboration and high performance.About working at QuintoAndar:Possibility of learning;Opportunity to work in a team that seeks to use the best practices and tools in the market;Work in an informal environment with a horizontal structure;Being part of a team working on a high-impact project that affects the lives of thousands of people.Location & Remote WorkOur technology team works on the "remote-first" model, which means we are working from home with the possibility of living anywhere in Brazil. We also have the option of using QuintoAndar's offices in São Paulo and Campinas or using partner coworking spaces, both up to twice a week.About the ResponsibilitiesMonitor security events and alerts, responding to incidents detected by the SOC and security systems (EDR, SIEM, DLP, IDS/IPS, etc.).Lead and coordinate cybersecurity incident response, including identification, containment, eradication, recovery, and post-incident analysis.Investigate the origin of attacks and security events by analyzing logs, network traffic, and system records to identify and mitigate threats.Create and maintain incident response playbooks, and collaborate on developing SIEM use cases to enhance detection capabilities.Identify automation opportunities in SOC processes and assist in the implementation of SOAR tools.Provide internal training on security best practices and conduct incident response simulations (tabletop exercises).Collaborate with software engineering teams to ensure efficient resolution of identified vulnerabilities.Develop and present incident status reports and SOC performance metrics (KPIs/OKRs) to management, recommending improvements where necessary.RequirementsExpertise in managing and configuring SOC tools such as EDR, SIEM, IDS/IPS, DLP, firewalls, and experience with SOAR implementations to automate processes.Extensive experience (+5/y) in incident response and threat investigation – Proficiency in identifying, containing, and mitigating cybersecurity incidents, with hands-on experience analyzing logs, endpoints, network traffic, and system records.Experience in vulnerability management and risk mitigation – Skilled in identifying vulnerabilities, assessing risks, and collaborating with teams to implement effective mitigation strategies;Certifications: GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or similar;Effective communication, analytical and collaboration skills – Ability to deliver security training, lead tabletop exercises, collaborate with engineering teams to resolve vulnerabilities and resolve security incidents, and present SOC performance metrics to management;Fluency in Portuguese and proficiency in English, especially for writing documentation, policies, and communicating with global partners.Diversity & Inclusion at QuintoAndarAt QuintoAndar, we believe diversity of perspectives and experiences guarantee a differentiated work environment, based on respect and valuing differences.
#J-18808-Ljbffr