Job details
The Cyber Security area works on the detection, analysis, and response to security incidents in cloud and corporate environments. This role is critical to the continuous monitoring of the environment, supporting the handling of security alerts and the execution of Incident Response processes and playbooks, working closely with more experienced analysts and other technical teams.
What You'll Do
- Monitor security events through SIEM and other security tools, performing initial triage and correlating signals across multiple sources.
- Execute Incident Response activities, including detection, investigation, containment, remediation, and documentation of security incidents.
- Analyze alerts and security anomalies to identify legitimate threats, false positives, and areas requiring escalation.
- Perform perimeter protection activities, ensuring continuous oversight of firewalls, IDS/IPS, and other boundary security technologies.
- Conduct in-depth investigations following defined processes and playbooks, ensuring consistent and high-quality handling of incidents.
- Support enhancements to security monitoring, detection logic, and Blue Team processes.
- Collaborate with internal teams to implement improvements in policies, controls, and procedures.
- Test and validate new tools and technologies to strengthen threat detection and response capabilities.
- Produce clear and structured reports on incidents, findings, and remediation steps.
- Contribute to continuous learning by staying up to date on cybersecurity trends, threat actors, and defensive techniques.
This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice.
Qualifications
Basic Requirements
- Be based in Brazil
- English level B1
- Previous experience working in Blue team, CSIRT, SOC or other security areas
- Experience in Incident Response, Alert triage, investigation, and remediation, working based on defined processes and playbooks
- Experience with security monitoring / SIEM, Event correlation
- False‑positive identification
- Knowledge of log ingestion and usage
- Data quality validation
- Understanding of relevant fields for detection
- Knowledge of Cloud and networking
- Familiarity with MITRE ATT&CK, Cyber Kill Chain, and Incident Response frameworks
Preferred Qualifications
- Knowledge of WAF
- Alert and rule analysis
- Ability to distinguish real attacks from false positives
- Web protection knowledge
- DDoS mitigation concepts
- Bot mitigation concepts
- Knowledge of OWASP
- General understanding of application security frameworks and best practices
- Antivirus and core security tools
- Understanding of endpoint protection solutions
- Ability to analyze and correlate security alerts
- Digital certificates - mTLS
- Certificate lifecycle management
Additional Information
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.