Senior Security Engineer, Incident & Response

Summary

Join QuintoAndar, Latin America's largest real estate ecosystem, as a Cybersecurity Analyst. You will monitor security events, lead incident response, investigate attacks, and develop incident response playbooks. The role requires expertise in SOC tools, extensive incident response experience, and relevant certifications. You will collaborate with engineering teams and present performance metrics to management. QuintoAndar offers a competitive salary, bonus, health and dental plans, life insurance, and various other benefits, including extended parental leave and flexible work arrangements.

Requirements

• Expertise in managing and configuring SOC tools such as EDR, SIEM, IDS/IPS, DLP, firewalls, and experience with SOAR implementations to automate processes
• Extensive experience (+5/y) in incident response and threat investigation – Proficiency in identifying, containing, and mitigating cybersecurity incidents, with hands-on experience analyzing logs, endpoints, network traffic, and system records
• Experience in vulnerability management and risk mitigation – Skilled in identifying vulnerabilities, assessing risks, and collaborating with teams to implement effective mitigation strategies
• Certifications: GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or similar
• Effective communication, analytical and collaboration skills – Ability to deliver security training, lead tabletop exercises, collaborate with engineering teams to resolve vulnerabilities and resolve security incidents, and present SOC performance metrics to management
• Fluency in Portuguese and proficiency in English, especially for writing documentation, policies, and communicating with global partners

Responsibilities

• Monitor security events and alerts, responding to incidents detected by the SOC and security systems (EDR, SIEM, DLP, IDS/IPS, etc.)
• Lead and coordinate cybersecurity incident response, including identification, containment, eradication, recovery, and post-incident analysis
• Investigate the origin of attacks and security events by analyzing logs, network traffic, and system records to identify and mitigate threats
• Create and maintain incident response playbooks, and collaborate on developing SIEM use cases to enhance detection capabilities
• Identify automation opportunities in SOC processes and assist in the implementation of SOAR tools
• Provide internal training on security best practices and conduct incident response simulations (tabletop exercises)
• Collaborate with software engineering teams to ensure efficient resolution of identified vulnerabilities
• Develop and present incident status reports and SOC performance metrics (KPIs/OKRs) to management, recommending improvements where necessary

Benefits

• Competitive salary package
• Bonus
• Meal allowance ("Flash benefícios")
• Health plan
• Dental plan (optional)
• Life insurance
• Daycare subsidy
• Subsidy to sports practicing (Gympass)
• Extended maternity and paternity leave
• Reserved room for breast-feeding*
• Discount on our parking lot*
• Language learning support
• Free transfer from Vila Madalena and Fradique Coutinho stations to the office*
• Free bike rack in our parking lot*