Analista de MDR Pleno - Technical Focal Point (TFP)
This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for an Analista de MDR Pleno - Technical Focal Point (TFP) based in Brazil.
This role is a key position within a high-performing cybersecurity operations environment, acting at the intersection of technical incident response and client-facing communication.
You will serve as the technical reference point for strategic customers, ensuring security incidents are handled with speed, precision, and transparency.
The position involves deep engagement with threat detection, investigation, and response activities within a Managed Detection and Response (MDR) framework.
You will operate in a fast-paced SOC environment, working with advanced SIEM, XDR, and EDR technologies to detect and mitigate cyber threats.
A strong focus is placed on incident lifecycle management, from triage and analysis to containment and remediation guidance.
You will also play a critical role in improving detection capabilities and strengthening security posture across client environments.
This is a highly impactful role combining technical depth, analytical thinking, and direct customer interaction in a global cybersecurity context.
Accountabilities:
- Act as the Technical Focal Point (TFP) for assigned clients, managing technical communication, incident coordination, and ongoing security alignment.
- Lead end-to-end incident response activities, including triage, investigation, containment, root cause analysis, and remediation recommendations.
- Perform advanced threat detection and investigation using SIEM platforms such as QRadar, Splunk, Elastic, Google SecOps (Chronicle), or Palo Alto XSIAM.
- Operate and tune XDR/EDR solutions (e.g., Cortex XDR, CrowdStrike, Microsoft Defender, SentinelOne, Trend Micro Vision One) to improve detection accuracy and reduce false positives.
- Conduct log analysis, event correlation, and threat hunting activities to identify suspicious behaviors and emerging threats.
- Produce clear and structured technical and executive reports for clients, ensuring transparency and actionable insights.
- Support and mentor junior analysts, contributing to the overall maturity and quality of SOC operations.
- Identify gaps in detection coverage and recommend improvements aligned with frameworks such as MITRE ATT&CK.
Requirements:
- Solid experience in SOC operations and incident response within cybersecurity environments.
- Strong understanding of cyber threat landscapes, including attack vectors, kill chain methodologies, malware behavior, and defensive strategies.
- Hands-on experience with at least one SIEM platform, including log analysis and correlation (e.g., QRadar, Splunk, Elastic, Chronicle, XSIAM).
- Experience with XDR/EDR tools such as CrowdStrike Falcon, Microsoft Defender, SentinelOne, Cortex XDR, or equivalent solutions.
- Strong communication skills, with the ability to interact directly with clients in a clear, structured, and professional manner.
- Ability to manage multiple security cases simultaneously while maintaining SLA compliance and operational quality.
- Experience in client-facing or technical focal point roles is highly valued.
- Familiarity with automation, scripting, or AI-assisted security workflows is a plus.
- English and Spanish proficiency are considered strong advantages in multilingual environments.
- Security certifications are highly desirable, including Security+, CySA+, CEH, GCIH, GCIA, SC-200, and vendor-specific SIEM/XDR certifications.
Benefits:
- Competitive compensation aligned with market standards
- Health and dental insurance coverage
- Performance-based bonus programs
- Meal and food allowances
- Access to continuous learning and cybersecurity certifications
- Flexible and collaborative work environment
- Mental health and wellness support programs
- Opportunities to work with global cybersecurity clients and advanced security technologies
- Career development within a highly specialized SOC/MDR structure