SOC Manager leading cybersecurity operations and strategies for federal clients in a 24/7 environment. Managing SOC activities and mentoring teams while maintaining security integrity.
About the role
- Security Operations Analyst monitoring security events and responding to incidents. Collaborating with IT and Security teams to implement preventive controls and improve processes.
Responsibilities
- Continuous monitoring of security events and alerts using SIEM platforms.
- Analysis and correlation of logs to identify suspicious activity or indicators of compromise (IoCs).
- Develop security use cases aligned with frameworks such as MITRE ATT&CK and internal policies.
- Define correlation rules for threat detection (e.g., anomalous behavior, brute-force attacks, data exfiltration).
- Tune thresholds and alert logic to reduce false positives.
- Parser development and log normalization.
- Create custom parsers to integrate new log sources into the SIEM.
- Ensure data normalization (mapping to standard fields such as IP, user, action).
- Validate log quality and consistency to prevent correlation failures.
- Work with common formats (Syslog, JSON, XML) and protocols (CEF, LEEF).
- Operation and automation with SOAR, creating playbooks for fast and efficient response.
- Triage and handling of security incidents according to criticality and impact.
- Investigations across endpoints, networks and applications to determine root cause.
- Escalation and communication with internal teams and vendors when necessary.
- Detailed documentation of incidents, actions taken, and mitigation recommendations.
- Contribute to continuous improvement of monitoring and response processes.
- Participate in incident simulation and tabletop exercises.
- Collaborate with IT and Security teams to implement preventive controls.
Requirements
- Bachelor's degree in Information Security, Cyber Defense, IT or related fields.
- Postgraduate degree in Cyber Security, Forensics, Intelligence or Security Architecture is a plus.
- Experience with SIEMs (Splunk, QRadar, SecOps, Elastic, Sentinel).
- Experience in security incident response.
- Experience with Windows and Linux operating systems.
- Knowledge of query languages (SPL, AQL, KQL).
- Familiarity with regex for parser creation.
- Understanding of log formats and protocols.
- Basics of SOAR automation (Python, YAML).
- Knowledge of MITRE ATT&CK, IOCs, and TTPs.
- Knowledge and hands-on experience with security solutions such as WAF, Firewall, IPS, Anti-Malware, EDR, ATP for detection and containment of security incidents.
- Availability for on-call shifts on weekends and holidays.
- Clear and assertive communication skills.
- Teamwork and collaboration.
- Curiosity and continuous learning.
- Ethics and responsibility.
- Analytical and critical thinking.
- Attention to detail.
- Proactivity.
- Resilience and emotional control.
Benefits
- Health and dental insurance
- Meal allowance (Caju)
- Life insurance
- Home office allowance
- Profit-sharing (PLR)
- Private pension plan
- Childcare assistance
- WellHub (Gympass)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
SOC Analyst role focusing on IT security posture monitoring and threat detection use case development for MAHLE. Collaborate with global teams to enhance security processes and tools.
Security Operations Engineer at Pexip managing and improving security monitoring systems. Leading security incidents and ensuring effective alerting and automated response.
Security Operations Engineer at Gridware enhancing security, detection, and response in cloud - first environments. Collaborating with IT and engineering teams to implement best practices.
Cybersecurity Operations Director leading cybersecurity managed services operations at a global accounting firm. Overseeing teams, driving growth, and serving as an advisor to clients.
L2 SOC Analyst managing security incidents and responses at Keyloop, focusing on digital transformation in the automotive sector.
Security Operations Analyst responsible for developing security processes and incident response. Collaborating with multiple teams for security best practices in a hybrid work environment.
Security Manager leading IAM and SecOps at fintech solutions provider in Brazil. Developing and implementing information security programs aligned with best practices and compliance requirements.
Security Engineer enhancing cybersecurity tools and solutions for The Walt Disney Company. Performing system analyses and developing security configurations for improved protection against cyber threats.
Security Operations Lead responsible for security operations aligning with policies and compliance. Handling incident response, vulnerability management, and supporting IT teams with security expertise.