Remotery

Security Incident Response Specialist

Posted 1 day ago

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Assume technical leadership during critical (P1) incidents, outlining response strategies, prioritization, and business trade-offs.

• Oversee intricate, multivector investigations encompassing endpoints, identity, email, cloud, network, and applications.

• Conduct or oversee advanced forensic analyses, maintaining chain of custody and collaborating effectively with legal and privacy teams.

• Develop, advance, and sustain the Incident Response capability, including processes, tools, integrations, metrics, and a readiness roadmap.

• Guide junior and mid-level professionals, facilitate tabletop exercises and crisis simulations, and act as a representative to executives, auditors, and regulators.

• Foster relationships with vendors and strategic partners (DFIR, CSIRT, Threat Intelligence), executing POCs and technical evaluations as necessary.

• Establish and uphold detection standards and conventions, including naming conventions, severity levels, lookback windows, and cost/performance thresholds.

• Strategize and implement the detection roadmap in alignment with key risks, threats, and organizational objectives (e.g., coverage of primary TTPs).

• Create quality metrics and technical gates, such as minimum accuracy, mandatory testing, peer reviews, and criteria for promotion to production.

• Spearhead purple teaming initiatives, continuous validation of controls, and detection of evolving techniques; direct hypothesis-driven threat hunting.

• Act as the technical point of reference for detection code reviews, mentor the team, and represent the subject in technical committees and executive forums.

• Assess tools, frameworks, and architectures for SIEM/XDR/NDR, conducting POCs and scaling detection-as-code implementation.

• Define content standards, detection architecture, and coverage strategy utilizing the MITRE ATT&CK framework.

• Ensure operational quality through SLOs, effectiveness metrics, and thorough detection testing.


⛳️ Requirements

• Demonstrated experience in cyber Incident Response within complex corporate settings.

• Strong expertise in Detection Engineering, SIEM/XDR/NDR, and practical application of the MITRE ATT&CK framework.

• Advanced understanding of investigations involving endpoints, identity, cloud, email, network, and applications.

• Experience in forensic analysis, maintaining chain of custody, and engaging with legal and privacy teams.

• Proven technical leadership abilities, mentoring skills, and cross-functional influence.

• Exceptional technical communication skills, capable of operating effectively during crises, audits, and committee meetings.

• Preferred: Experience with detection-as-code methodologies (e.g., Sigma, KQL, SPL, Terraform, CI/CD pipelines).

• Previous exposure to purple teaming, structured threat hunting, and adversary simulations.

• Familiarity with frameworks such as NIST CSF, NIST 800-61, ISO 27001/27002.

• Experience collaborating with DFIR, Threat Intelligence, and MSSP vendors.

• Relevant certifications (e.g., GCED, GCIA, GCIH, GNFA, CISSP, or similar).


🏝️ Benefits

• Health insurance – valuable coverage when you need it.

• Dental insurance – because we care about smiles.

• Renascer Program – employee support and well-being initiative.

• Meaningful Dates – we celebrate important moments.

• Education investment – we support your learning journey.

• Results participation – we build together and share in the outcomes.

• Individual Development Plan – we value your career ownership.

• Private pension plan – supporting long-term future planning.

• Life insurance – an important benefit.

• Time Together – recognition for team engagement and in-person participation.

• Meal and/or grocery allowance.

• Transportation allowance – no deductions.

• Childcare/babysitting assistance – because your child deserves a safe, welcoming place.

People also viewed

Softgic1 hour ago

Security Engineer

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
AttackIQ1 hour ago

Client Security Advisor

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
DigitalOcean1 hour ago

Staff Network Security Engineer

US flagMassachusetts OnlyFull-timeCybersecurity / Security Engineer$168.8k – $211k/year
ApplyView job
Masabi1 hour ago

Head of Security, Compliance

GB flagUnited Kingdom OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Defense Unicorns1 hour ago

Chief Information Security Officer

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer$260k – $300k/year
ApplyView job
Armor Defense1 hour ago

Security Architect

SG flagSingapore OnlyFull-timeCybersecurity / Security Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers