Senior Security Operation Engineer
banQi, Brazil

As a Senior Security Operation Engineer, responsible for cybersecurity continuous monitoring, and strategy security monitoring and reviewing/modifying log ingestion as required alignment of logging efforts with incident response use cases to ensure they are supported and participating in cyber incident response.

This position must operate in a rotation/shift regime

Key Responsibilities:

• Serves as a subject matter expert on logging and monitoring activities in support of cyber legal and administrative investigative efforts.
• Provides second and third-level support and analysis during and after a security incident.
• Monitors reports and security logs for unusual events.
• Works closely with and provides guidance/direction to the Managed Security Service and Security Operations Center.
• Maintains/implements roadmap to expand log management to additional sources
• Reviews log management and alerting solution to enhance current capabilities to classify and prioritize anomalous activity based on the criticality of potential impact on systems and data.
• Enhances data analytics and reporting functionality to allow near-real-time reporting data filtering data enrichment and data correlation.
• Expands database auditing and monitoring capabilities for all critical databases to include those used by Community Connect partners.
• Assists in the development of security policies and procedures.
• Participates in security investigations and compliance reviews as assigned by management.
• Assist in development and deployment of information security awareness training and communication capabilities
• Responsible for operating, maintaining, and supporting various security tools as assigned by management e.g., DLP, CASB, PAM, SIEM, etc.
• Collaborates with other security and infrastructure team members to identify and implement solutions.
• Works with business partners in resolving security-related infrastructure outages.
• Participates in security investigations and compliance reviews as assigned by management.

Requirements

• A minimum of 3 years of experience in 24x7x365 Security Operations environments
• Strong knowledge of cloud security and monitoring tools (AWS and Azure),
• Strong knowledge of on DLP, CASB, SIEM, PAM, SECURE API GATEWAY
• Must possess expert troubleshooting skills.
• Provides second and third-level support and analysis during and after a security incident.
• Monitors reports and security logs for unusual events.
• Operational execution for Security Operations technologies
• Experience in Analyze cloud user traffic identify anomalous activity and specify areas to strengthen protection of cloud data and applications.
• Assist in the development / maintenance of DLP, CASB and Cloud Security Strategies Policies Standards and Procedures. This includes requirements/restrictions for Cloud application and storage use monitoring and where appropriate blocking of data leaving the environment and the ongoing tracking/monitoring of cloud access activities within the enterprise environment.
• A degree in Information Technology, Computer Science or related field

Job Rewards and Benefits