Senior Information Security Analyst

Job not on LinkedIn

🕒 3 days ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Dexco

WebsiteLinkedInAll Job Openings

10,000+ employees

👥 B2C

🛒 Retail

🤝 B2B

B2C • Retail • B2B

Dexco is the largest house of brands in Brazil for construction, renovation, and decoration materials, owning well-known labels such as Deca, Portinari, Hydra, Duratex, Castelatto, Ceusa, and Durafloor. With over 70 years of history, the company designs, manufactures and sells a broad portfolio of products for bathrooms, kitchens, flooring and building materials, serving both end consumers and professional installers. Dexco is publicly traded, emphasizes ESG and responsible forest management, supplier management, and innovation to improve product sustainability and operational efficiency.

📋 Description

• Monitor the vulnerability management process, from identification and risk prioritization to directing remediation, following up with responsible parties, and reporting status to the relevant stakeholders. • Oversee the operational performance of the outsourced SOC, evaluating metrics, SLAs, quality of responses, recurring alerts, and opportunities to adjust monitoring rules. • Support triage, analysis, investigation, and handling of security alerts and incidents using available XDR, SIEM, and threat intelligence platforms. • Serve as a technical reference during incident response, supporting containment, eradication, recovery actions, and documenting lessons learned. • Participate in crisis rooms and technical discussions related to critical events, providing risk analysis, business impact assessment, and mitigation recommendations. • Assess false positives, recurring offenders, visibility gaps, and improvement opportunities in detection and response processes, supporting adjustments to rules, playbooks, and internal workflows. • Collaborate with infrastructure, network, development, endpoint, identity, cloud teams, and vendors to remediate vulnerabilities, investigate events, and reduce risks. • Support risk assessments for environment changes, technical projects, new solutions, and corporate initiatives. • Contribute to creating and reviewing processes, procedures, playbooks, controls, and Information Security standards. • Support initiatives to improve security posture, including hardening, configuration reviews, monitoring adjustments, and expanding detection coverage on endpoints. • Produce analyses, reports, metrics, and technical or executive recommendations related to vulnerabilities, incidents, risks, and controls.

🎯 Requirements

• Hands-on experience with vulnerability management in medium to large corporate environments. • Experience in security operations, monitoring, alert triage, event investigation, and incident response. • Experience with XDR and SIEM platforms, including alert investigation, event correlation, and supporting creation or tuning of detection rules. Experience with Trend Micro Vision One is a strong plus. • Familiarity with log ingestion and centralization pipelines, collection agents, gateways, and platforms such as Chronicle/Google SecOps or equivalent solutions. • Knowledge of endpoint security tools. Experience with Sysmon or similar instrumentation to increase visibility on workstations and servers is valued. • Experience with vulnerability management platforms, especially Tenable or equivalent, including running scans, prioritizing findings, and tracking remediation. • Knowledge of privileged access management platforms such as CyberArk or equivalent solutions. • Experience or familiarity with threat intelligence platforms, including IOC triage, campaign correlation, and use of tools like MISP to support investigations and responses. • Strong ability to assess technical risks related to changes, configurations, vulnerabilities, and security events. • Understanding of offensive security, penetration testing, and attacker techniques, applied to risk prioritization and strengthening defensive controls. • Ability to correlate information from multiple sources—alerts, logs, IOCs, vulnerabilities, inventory, and business context—to support investigations and security decisions. • Previous experience in medium to large organizations, preferably with distributed environments, multiple sites, units, or branches. • Experience with SOC providers, MSSPs, or managed security services, including monitoring SLAs, metrics, and operational quality. • Experience in environments with multiple technologies, including infrastructure, networks, cloud, identity, endpoints, and applications. • Participation in incident response, crisis rooms, or handling critical events. • Experience in environments using automation, orchestration, or playbooks to support investigations and incident response. • Participation in technical evaluations of Information Security tools, services, or solutions. • Experience reviewing processes, operational metrics, and security practices to increase operational maturity.

🏖️ Benefits

• Medical insurance for you and your dependents • Dental insurance for you and your dependents • Life insurance • Wellhub: access to gyms, physical, emotional and nutritional wellness apps — including a free digital plan • Pharmacy agreement: medications at special prices with payroll discount • "De Bem com a Mente": mental health program offering support and rehabilitation • "Pronto Atendimento Pessoal": personal assistance program offering financial, psychological, legal and social support • "Gestar Juntos": support program and guidance for pregnant employees and dependents • Childcare allowance for children up to 24 months • Meal voucher or cafeteria and basic food basket (depending on the unit) • Transportation voucher or shuttle (depending on the unit) • Profit Sharing (PLR) based on company results and individual targets • Private pension plan: company contributions to support your future • Special loans through Fundação Itaúsa and payroll-deductible loans with preferential rates • UniDexco: online platform for courses and training • Dexco Partnership Club: discounts with nearly 700 partners • Dexco Store: discounts on Dexco brand products • Christmas voucher