Job Summary: Senior Security Analyst responsible for protecting technological environments, ensuring information security, business continuity, and cyber risk mitigation. Key Highlights: 1. Working on the protection of technological environments and mitigation of cyber risks 2. Focus on continuous improvement and security incident handling 3. Use of technologies such as Cloud, ELK, EDR/XDR, and IAM #### **About the Senior Security Analyst Role** **Join a dynamic ecosystem where the future of business is created and experienced every day. Be part of this transformation!** At LUZA Group, passion, perseverance, and the drive to surpass limits define our path to success. Founded in 2006, we are a Portuguese multinational company with over 1,200 talented professionals and significant business volume. With presence in strategic markets including Portugal, Spain, Morocco, Brazil, Mexico, the United States, and China, we deliver innovative solutions in engineering, IT, design, consulting, Industry 4.0, training, and recruitment. Everything we do is driven by the talent of our people. **This is a moment of growth and opportunity. The future belongs to visionary minds. Join us!** **Responsibilities and Tasks** Protect the cooperative’s technological environments, ensuring information security, operational continuity, regulatory compliance, and cyber risk mitigation across corporate, industrial, and cloud environments. **Essential Technical Knowledge** ------------------------------------------ * Management of **security risks**, processes, controls, and documentation * Support for **internal and external audits** * Development and tracking of **action plans**, schedules, and status reports * Guidance and support to departmental owners for meeting **Information Security requirements** * Conducting **periodic critical analyses**, with focus on continuous improvement * **Network and system monitoring** * Handling of **security incidents and threats** * Definition and execution of **incident response procedures**, data recovery, and intrusion response **Mandatory Technical Requirements** -------------------------------------- * Experience with **SonicWall** or compatible firewall * Knowledge of **Capture Client** or equivalent endpoint protection solution **Desirable Knowledge** ---------------------------- * Leading Information Security strategy based on: + **ISO 27001 / ISO 27002** + **LGPD** + Frameworks: **NIST, SANS, OWASP** * Implementation and operation of security solutions, including: + Firewall, VPN, WAF, Proxy + Antivirus + **SIEM** + **IDS / IPS** + **CDN** + **ELK Stack** + Cryptography + Vulnerability scanners **Technological Environment** ------------------------ * **Cloud** infrastructure * Use of **ELK** * **EDR / XDR** * Vulnerability management * **IAM (Identity & Access Management)** * Segmented networks * Processes based on **ITIL** * **DevSecOps** practices **Desirable Hard Skills** -------------------------- * Information Security Governance * Risk and compliance management * Environment monitoring * Incident response * Networks and protocols * Cryptography * Security tools * **SIEM** * Security automation * Knowledge of **Cloud Security**