Senior Security Operations Analyst

Hybrid Work Model (Minimum 4 days per week in office)

As a Senior Security Operations Analyst, you will work with senior team members to understand threats and risks, apply security measures, and leverage your advanced knowledge of security tools and cloud environments (AWS and GCP). This hands-on role involves analyzing new requirements to support Ebury's global expansion and meet regulatory changes.

Key Responsibilities:

1. Security Incident Management and Response:

• Escalate and manage security incidents/alerts through Ebury's SIEM tool
• Conduct mail headers analysis, antivirus/EDR alerts investigation, and intrusion detection systems alerts investigations for desktop and cloud environments
• Perform advanced log monitoring on cloud and desktop/local network environments
• Assist with employee security concerns and provide advanced reporting

2.  Access Management and Policy Implementation:

• Assist with access policies procedures, including User Access Reviews (UAR)
• Maintain and develop Role-Based Access Control (RBAC) and RACI matrix for different systems
• Collaborate on security exceptions review and approval with the Information Security Manager

3. Security Operations and Project Support:

• Assist with internal phishing campaigns and Ebury's Security Champions program
• Collaborate on security projects using Agile methodologies
• Develop threat modelling on Ebury's SIEM
• Analyse CVEs and conduct security assessments as part of vulnerability management
• Assist with Security Operations OKRs and KPI metrics

4. Cloud Security Management:

• Implement and maintain security controls within AWS and GCP environments
• Conduct regular security assessments of cloud infrastructure and applications
• Ensure consistent security measures across both cloud platforms

5. Compliance and Reporting:

• Ensure compliance with relevant financial industry regulations and standards
• Prepare security metrics and reports for management and stakeholders
• Contribute to security audits and assessments

6. Team Collaboration and Support:

• Provide local and remote assistance to users on security matters
• Liaise and advise on security risk topics as required
• Collaborate with international team members and the IT department on new initiatives

Qualifications and Skills:

• 5+ years of experience as a security operations analyst
• Strong knowledge in the following areas (2-3 years expertise):
• Security Incident Management and Response
• Log Monitoring / SIEM
• Cloud perimeter security (AWS and GCP)
• Desktop and physical network protection
• Mail analysis
• IDS / IPS
• Authentication management
• Vulnerability Management
• Proficiency in incident management (CSIRT) and forensic analysis
• Experience with security information and event management (SIEM) tools
• Familiarity with financial industry security standards (e.g., PCI DSS, ISO 27001)
• Good understanding of business and technical information security concepts based on ISO 27001 standard
• Knowledge of data protection principles and implementation
• Experience in the financial sector is a plus
• Relevant security certifications (e.g., GCIH, GCIA) are valued

Personal Skills:

• Hands-on security practitioner
• Strong analytical and problem-solving skills
• Team player
• Excellent communication skills
• Fluency in English and Portuguese (Spanish skills also valued)
• Attention to detail and accuracy
• Highest level of ethical behaviour

What We Offer:

• Competitive salary and benefits package
• Opportunity to work with cutting-edge fintech technologies in a global, multi-cloud environment
• Professional development and training opportunities
• Collaborative and innovative work environment
• Potential for international travel and cross-office collaboration

At Ebury, we believe in inclusion and stand against discrimination in all forms. Join Ebury's global team and help us maintain a secure foundation for our innovative fintech solutions across the world.

#LI-IA1

#LI-ONSITE