Especialista em Segurança - Resposta a Incidentes in Brazil, Indiana at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Especialista em Segurança - Resposta a Incidentes in Brazil.

In this role, you will take a leading position in managing and evolving cybersecurity incident response capabilities within a complex enterprise environment. You will act as the technical authority during critical security incidents, coordinating investigations, defining response strategies, and ensuring business continuity under pressure. The position involves deep collaboration across security, infrastructure, engineering, legal, and compliance teams, as well as external partners, to ensure effective containment and remediation of threats. You will also contribute to building and improving detection and response frameworks, strengthening organizational resilience against evolving cyber threats. This is a high-impact role that combines hands-on technical expertise, strategic thinking, and leadership in crisis scenarios.

In this role, you will be responsible for leading incident response operations and strengthening the organization’s cybersecurity defense and detection capabilities. Your responsibilities will include:

• Leading and coordinating response to critical (P1) cybersecurity incidents, defining strategy, prioritization, and business trade-offs.
• Conducting and guiding complex investigations across endpoint, identity, cloud, network, email, and application environments.
• Performing advanced digital forensics while ensuring proper chain of custody and collaboration with legal and privacy teams.
• Designing, evolving, and maintaining incident response processes, tools, metrics, and overall readiness roadmap.
• Leading purple teaming exercises, threat hunting initiatives, and adversary simulation activities to validate security controls.
• Establishing detection engineering standards, including severity models, naming conventions, and performance thresholds.
• Managing external vendors and strategic partners (DFIR, Threat Intelligence, MSSPs), including evaluations and proof-of-concepts.
• Acting as a technical reference for detection engineering, code reviews, and executive-level communication during crises and audits.

The ideal candidate has strong experience in cybersecurity incident response and detection engineering, combined with leadership and communication skills to operate in high-pressure environments. You should have:

• Solid experience in cybersecurity incident response in complex enterprise environments.
• Strong background in detection engineering and hands-on experience with SIEM, XDR, or NDR platforms.
• Deep knowledge of adversary techniques and frameworks such as MITRE ATT&CK.
• Experience conducting forensic investigations across multiple domains (endpoint, cloud, identity, network, email).
• Familiarity with chain of custody practices and interaction with legal and privacy stakeholders.
• Proven ability to lead technical teams, mentor professionals, and influence cross-functional stakeholders.
• Strong communication skills, with experience in crisis management, executive reporting, and audit situations.
• (Differential) Experience with detection-as-code (Sigma, KQL, SPL, CI/CD pipelines), threat hunting, and frameworks such as NIST and ISO 27001.

• Comprehensive health insurance coverage.
• Dental assistance plan.
• Life insurance.
• Meal or food allowance.
• Transportation assistance.
• Childcare/babysitting support.
• Private pension plan.
• Profit-sharing program.
• Education and learning investment programs.
• Individual development plan and career growth support.
• Flexible internal benefits and recognition programs.
• Wellness and employee support initiatives.