Job Summary: A professional responsible for identifying, proposing, and implementing security solutions, managing incidents, and conducting risk assessments within a technological environment. Key Highlights: 1. Strategic involvement in identifying and resolving security weaknesses. 2. Proactive incident management and development of incident response playbooks. 3. Opportunity to work with advanced security technologies and frameworks. **INFORMATION SECURITY ANALYST \- PL (Night Shift)** ------------------------------------------------------- * Responsible for identifying solutions for security weaknesses identified in the technological environment or in project proposals. * Propose solutions using appropriate technologies and processes. * Night shift from 10 PM to 6 AM (night shift allowance and weekly rest day compensation apply). * CLT employment regime. **Responsibilities** * Conduct risk, threat, and vulnerability assessments. * Evaluate and perform configuration reviews for hardening. * Respond to and analyze security incidents (incident handling), including identification, investigation, containment, and resolution. * Develop, maintain, and update incident response playbooks. * Support the team in daily routines related to internal audit, compliance, etc. * Assess and analyze security requirements for existing systems and new projects, firewall rules, and define new requirements where necessary. * Respond to service tickets and analyze security risks, troubleshoot security-related issues involving tools, security policies and rules, and firewall rules. * Define security policies and conduct user profile reviews. * Participate in internal security awareness campaigns, contributing to material creation and communication with employees. * Design, implement, and maintain security solutions, defining corresponding processes and controls. * Respond to breaches or threats and implement corrective and preventive measures to avoid future incidents. * Monitor internal logs and traffic to proactively investigate suspicious activities and anomalies. * Communicate with client departments to discuss security measures and provide information about the designed system. **Requirements:** * Completed undergraduate degree in Information Security or Information Technology; * Minimum 5 years of experience in Information Security. * Knowledge of network security, cybersecurity protection solutions, technical and operational controls, operating systems, and cloud solutions. * Security frameworks and methodologies such as ISO 27001, NIST, and OWASP. * Knowledge of regulatory compliance standards such as PCI, SOX. * Practical experience working in a SOC. **Skills:** * English / Advanced / Writing / Speaking. * Integrity and discretion. * Commitment/engagement. * Results-oriented. * Strong interpersonal skills. * Critical/analytical thinking. * Ability to perform under pressure in a dynamic, high-demand environment. * Strong communication skills for interaction with internal and external teams. * Teamwork orientation, providing support to analysts across diverse activities. * Familiarity with IT controls and audit processes. **Preferred Qualifications:** * Certifications such as ISO/IEC 27001, CEH, CCSP, CISSP, ISFS, Security\+, PDPF. * Knowledge / Solutions: (Antivirus, Burp Suite, WAF, Firewall, SIEM, QualysGuard, AWS, Azure or Google Cloud, general security tools). * Ability to map security risks and define web application / application architectures.