About the role

Responsible for supporting SIEM services and resolving complex problems in a cybersecurity environment. Involved in developing parsers and troubleshoot issues while ensuring data integrity.

Responsibilities

Maintain SIEM services, ensuring availability, performance and data quality;
Work autonomously to resolve complex issues related to detection, correlation and source integrations;
Develop, customize, tune and optimize parsers and connectors, ensuring proper normalization and adherence to the data dictionary;
Perform advanced parser construction and normalization, including log structure analysis, regular expressions (regex), field extraction and enrichment;
Manage patches, updates and upgrades, assessing impacts on production environments;
Perform advanced troubleshooting for ingestion failures, parsing issues, pipelines and integrations;
Prepare RCAs (Root Cause Analysis) for outages or degradations of medium complexity;
Participate in internal and external audits, providing technical evidence, documentation and log traceability;
Participate in technical meetings with internal and external clients, supporting discussions on architecture, integration and improvements;
Provide technical training and mentorship for junior analysts and technicians;
Continuously participate in technical training, keeping up with new technologies, products and services that add value to SIEM Engineering.

Bachelor's degree in Information Technology, Information Security, Computer Networks or related fields;
Minimum 2–3 years of experience supporting SIEM environments;
Hands-on experience administering multiple SIEM platforms;
Solid knowledge of network architecture and information security;
Proven experience troubleshooting networks, operating systems and integrations;
Knowledge of scripting and automation (Python, PowerShell, Shell, Regex);
Vendor-specific intermediate-level certifications preferred;
Knowledge of SOAR processes and security automation is desirable;
Parser and connector engineering (log structure, normalization, enrichment);
Analysis and optimization of data ingestion pipelines;
Ability to handle technical incidents of medium complexity;
Practical knowledge of security architecture and SOC operations;
Basic forensic analysis skills to support investigations;
Integration between SIEM, SOAR and security data sources;
Ability to mentor and disseminate technical knowledge;
Good communication skills for technical interaction with clients and vendors;
Systemic vision and analytical thinking for solving complex problems;
Organization, time management and prioritization of tasks.

Health plan with no monthly fee for you (co-payment model);
Dental plan with no monthly fee for you;
Life insurance;
Pipo Saúde: digital health and corporate benefits broker;
Zenklub: emotional health and well-being platform with special discounts;
TotalPass: platform that connects you to various networks to support your well-being (and your family's);
Private pension plan;
Transport allowance;
Meal or food allowance;
Birthday day off: enjoy a day off during your birthday month;
Casual ISH – Comfort and professionalism together: choose an outfit that reflects your well-being while respecting the work environment;
Breakfast and afternoon snacks with fresh fruit to boost your on-site routine;
Employee referral program with cash bonuses;
Onboarding kit: we prepare a comprehensive kit to support your daily work;
Deeplearning: our Corporate University — a space dedicated to continuous development with courses, trainings and workshops for professional and personal growth;
Opportunities for career growth;
Culture of feedback and development;
Exclusive program for leaders;