Information Security Analyst – Endpoint
São Paulo, São Paulo, Brazil
Full Time
1 month ago
No Sponsorship
Key skills
PowerShell
About this role
Role Overview
- Ensure full coverage of the technology estate (servers and workstations), making sure antivirus agents are installed, up to date, and correctly communicating with management consoles (Microsoft Defender and SentinelOne);
- Continuously adjust security policies and antivirus exceptions to reduce false positives and preserve the performance of critical applications;
- Triage and perform technical analysis of security alerts (malware/infections), ensuring rapid containment, remediation, and normalization of assets;
- Monitor and remediate non-compliant devices, ensuring compliance across the environment;
- Provide advanced technical support to the N2 team and work collaboratively with engineering, support, and infrastructure teams to contribute to service continuity and evolution;
- Conduct proactive threat hunting using KQL queries to identify indicators of compromise (IoCs) not detected automatically;
- Identify operating system vulnerabilities using tools such as Intune and security consoles, ensuring timely application of patches and critical updates.
Requirements
Required qualifications
- Bachelor's degree in Information Technology, Information Security, or a related field;
- Basic English for technical reading;
- Experience managing antivirus and EDR solutions, including administration and tuning of Microsoft Defender for Endpoint and SentinelOne consoles;
- Knowledge of network microsegmentation, using tools such as Guardicore for traffic control and threat isolation;
- Proficiency in device management using Microsoft Intune, including applying security policies, compliance settings, and endpoint protection;
- Knowledge of technical security analysis, using KQL to investigate alerts and search for indicators of compromise;
- Experience in vulnerability management, including identifying risks and applying security patches to operating systems.
Desired qualifications
- Familiarity with incident response automation, including creating and maintaining playbooks to integrate alerts with automated actions;
- Experience with automation using PowerShell, focused on mass remediation and optimizing operational activities.
Benefits
Not specified