About this role
Cyber Security area works on the detection, analysis, and response to security incidents in cloud and corporate environments. This role is critical to the continuous monitoring of the environment, supporting the handling of security alerts and the execution of Incident Response processes and playbooks, working closely with more experienced analysts and other technical teams.
What You'll Do
Monitor security events through SIEM and other security tools, performing initial triage and correlating signals across multiple sources.Execute Incident Response activities, including detection, investigation, containment, remediation, and documentation of security incidents.Analyze alerts and security anomalies to identify legitimate threats, false positives, and areas requiring escalation.Perform perimeter protection activities, ensuring continuous oversight of firewalls, IDS/IPS, and other boundary security technologies.Conduct in-depth investigations following defined processes and playbooks, ensuring consistent and high-quality handling of incidents.Support enhancements to security monitoring, detection logic, and Blue Team processes.Collaborate with internal teams to implement improvements in policies, controls, and procedures.Test and validate new tools and technologies to strengthen threat detection and response capabilities.Produce clear and structured reports on incidents, findings, and remediation steps.Contribute to continuous learning by staying up to date on cybersecurity trends, threat actors, and defensive techniques.This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice. #LI-Remote
Basic Requirements
Be based in BrazilEnglish level B1Previous experience working in Blue team, CSIRT, SOC or other security areasExperience in Incident Response, Alert triage, investigation, and remediation, working based on defined processes and playbooksExperience with security monitoring / SIEM, Event correlationFalse‑positive identificationKnowledge of log ingestion and usageData quality validationUnderstanding of relevant fields for detectionKnowledge of Cloud and networkingFamiliarity with MITRE ATT&CK, Cyber Kill Chain, and Incident Response frameworks
Preferred Qualifications
Knowledge of WAFAlert and rule analysisAbility to distinguish real attacks from false positivesWeb protection knowledgeDDoS mitigation conceptsBot mitigation conceptsKnowledge of the OWASPGeneral understanding of application security frameworks and best practicesAntivirus and core security toolsUnderstanding of endpoint protection solutionsAbility to analyze and correlate security alertsDigital certificates - mTLSCertificate lifecycle management Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.