Remote Senior Information Security Analyst

Please, let RYZ Labs know you found this job on RemoteYeah. This helps us grow 🌱.

Description:

  • We are seeking a Senior Information Security Analyst to join the expanding Information Security team of one of our clients.
  • This role will report to the head of Information Security while leading and continuing to build the Security and Incident Response function.
  • Key responsibilities include supporting front-line responders by identifying, triaging, and remediating security events, anomalies, and incidents.
  • The analyst will assess newly published vulnerabilities and attacker Tactics, Techniques, and Procedures (TTPs) to identify possible defensive measures.
  • Incident response support is required as a key stakeholder, collaborating with security and engineering teams to improve and secure systems from future attacks.
  • The role involves operating and maturing playbooks to protect people, systems, and assets.
  • Implementing detective and protective security controls across infrastructure and systems to improve security maturity is essential.
  • The analyst will utilize the Sumo Logic logging and monitoring platform to publish security metrics.
  • Contributions to the creation of runbooks and writing investigation reports are expected.
  • Development and maintenance of correlation rules, queries, dashboards, and reports within the SIEM system are required.
  • Participation in the Security Incident Response Team on-call rotation is necessary.
  • The analyst will contribute towards information security guidance documentation and training.
  • Coordination with external parties for digital forensics & incident response (DFIR) investigations is part of the role.
  • Leading the identification, assessment, and prioritization of vulnerabilities across the company’s systems and networks is crucial.
  • Building automation & orchestration workflows to automate SOC processes is expected.
  • Improving detective controls through threat-hunting and cyber threat intelligence is part of the responsibilities.
  • Effective communication at multiple levels of sensitivity and to multiple audiences is required.

Requirements:

  • The ideal candidate will have experience across a range of cloud security technical disciplines and may have had past jobs such as Detection & Response lead, Threat & Vulnerability Management (TVM) engineer, or other real-world Blue or Red team responsibilities.
  • Direct experience leading security incident teams, including monitoring, detection, response, and threat-hunting functions across Enterprise and Product services is necessary.
  • Candidates should have led a roadmap for automation and orchestration to help scale and mature security incident response activities.
  • The ability to summarize events and incidents effectively to technical and non-technical audiences, including executives, legal counsel, compliance partners, and other stakeholders, is required.
  • A customer service-oriented person with a problem-solving attitude is preferred.
  • Candidates should have 5+ years of relevant experience working in IT or Information Security in a cloud-first environment, with a minimum of 3 years in a dedicated incident response, threat & vulnerability management, or digital forensics role.
  • A Bachelor’s degree in Computer Science, Programming, or a related field, or an equivalent combination of education and experience is required.
  • Relevant professional certifications such as CISSP, GCIA, GCIH, OSCP, or similar are highly desirable.
  • Experience with the MITRE ATT&CK framework and associated tactics and techniques or other threat modeling exposures is necessary.
  • Proficiency in Network and Security technologies is required.
  • Experience using log and data analysis platforms such as Splunk, Sumo Logic, Datadog, Grafana, etc., is essential.
  • Familiarity with CrowdStrike and AWS security tooling in cloud environments or similar products and services is preferred.
  • Nice to have: Programming skills, experience with Kubernetes, AWS Certifications, static and/or dynamic code analysis tooling, and experience writing SDLC-related policy.

Benefits:

  • Working in a remote position with candidates from Argentina or Uruguay only.
  • Opportunity to work on challenging projects in a startup environment.
  • Autonomy and efficiency in your work, owning every step of your development.
  • An environment that provides opportunities for learning, growth, and expansion.
  • The chance to deepen your experience while sharing and learning from a team of great professionals and specialists.
  • Being part of a company that values customer-first mentality, urgency, ownership, humility, respect, frugality, impact, and continuous improvement.