About Liferay
Liferay is a uniquely profitable B2B enterprise software company with 1,200+ fiery-eyed employees all across Europe, the Americas, the Middle East, Asia, and Africa. As a renowned provider of enterprise open source technologies, we have been recognized by Gartner for empowering businesses around the world to solve complex digital challenges. Liferay Experience Cloud is an all-in-one solution that unites our Liferay DXP and cloud platform capabilities with built-in analytics and B2B commerce functionality, reducing the time to market and allowing for accelerated innovation - serving notable customers across the globe such as Airbus, US Bank, Honda, and Desjardins. But we don't just make awesome software, we are also fueled by a greater-than-profit vision. By building a vibrant business, making technology useful, and investing in communities, we make it possible for people to reach their full potential to serve others. We give our employees five days off to volunteer at charities they're excited about, and Liferay donates 10% of our profits to charities around the world. Oh, we're also self-funded which gives us the freedom to work on whatever we think brings the most value to customers and communities in the long run!
About You and this role
You're excited about the chance to help with daily Security Operations of the Information Security team. You know security is a never ending stream of new tactics, techniques, and strategies of attackers and you thrive to learn and improve systems to detect, monitor, and alert all those around when you find attackers. You seek to protect others and have a kind word for their failures. In this role you will be the active protection against hackers, work closely in Liferay's SOC team to prevent and act on security events that can impact Liferay and its ecosystem. You will be part of a global Information Security team that is responsible for security of Liferay ecosystem, starting from open-source codebases, through Liferay employees security to Liferay customers.
Key Responsibilities
Manage alerts coming into our systems managed by SOC (SIEM, security dashboards)
Make decision on alerts
Assist other teams in the resolution of (not only) information security issues across the company by using your unique security knowledge
Play an active part of the security Incident Response Team when there is a security incident.
Investigate incidents and identify the root cause of the problems
Manage incidents and ensure action items are documented
Integrate new data sources into the SIEM system
Identify patterns and improve monitoring rules
Prepare recommendations for IT and engineering teams to avoid future incidents
Evaluate new security technology and trends, and make recommendations to strengthen our information security controls.
Mentor and encourage the growth of other team members.
Key Objectives
Within 30 days finish basic security training and knowledge transfer from the Information Security team members.
Within 60 days learn how to triage alerts in selected security systems.
Within 90 days be responsible for timely triage of security events from selected security systems.
Required Qualification
Previous SOC or IT incident management experience
Knowledge of IT networking, web protocols and related fields.
Ability to learn and understand technical challenges in the security field.
Possesses communication and problem solving skills.
Ability to independently work in a global environment, fluent English level.
Strong experience in the security field.
Please,
upload the CV in English
. The Hiring Managers are outside Brazil.
Preferred Qualifications
Bachelor's Degree or equivalent from four-year college or university in a STEM focused area or equivalent in a related field, or commensurate experience.
Familiar with the Incident Response procedures and implementations.
Experience with SIEM, alerts, antivirus, firewalls and similar technologies.
Experience with Google Cloud Platform.
Knowledge of Linux systems and scripting.
Beginner knowledge of software development and information technology operations (DevOps)
Exceptional attention to detail and organization.
Able to work independently and effectively as part of a team, while handling multiple tasks and responsibilities.
Optional BUT desired Certifications and field knowledge
Relevant experience with information security, control standards, and frameworks such as ISO27001, SOC 1/2, GDPR and/or HIPPA.
Certification(s) in information security or cybersecurity field.
Experience with cloud environments and containerization.
What We Offer
Salary package w/ competitive benefits according to qualifications and experience
Opportunities to take responsibility, grow professionally, and Stay Nerdy
A positive and collaborative work
culture
Check out what employees say about us on
Glassdoor
Working at a
leading
open-source
company
Equal Opportunities Employer - Statement
Liferay is committed to the equal treatment of all candidates, customers and employees and to fostering a culture of dignity at work. Our operating procedure provides for equal opportunities in recruitment and employment with the aim to eliminate discrimination against any job applicant or employee on the basis of race, age, sexual orientation, gender, religion or beliefs, marital or civil partnerships status, family or dependency status, disability, pregnancy and maternity or membership of a traveling community.