Senior Cybersecurity Specialist (Hybrid - Brasília)
At EY, we are committed to shaping your future with confidence.
We will help you succeed in a globally connected environment, full of diverse teams, and take your career wherever you want it to go.
Come to EY and help us build a better world of business.
About the opportunity:
In Consulting, we are building a better world of business by helping organizations across different economic sectors worldwide. With teams of diverse specialties (technology, supply chain, digital transformation, process management, etc.), we support our clients in their challenges and in generating long-term value, transforming businesses through the power of people, technology, and innovation. #EYConsulting
You will assume the following responsibilities:
This position is aimed at professionals with experience in Microsoft tools, especially Sentinel, who seek to work on high-complexity and high-impact projects. The focus is on monitoring, analysis, automation, and governance of security environments, as well as the development of executive dashboards and process documentation, contributing to operational excellence and innovation in cybersecurity.
- Creation and maintenance of custom workbooks in Microsoft Sentinel
- Administration, analysis, and development of detections, correlations, and investigations in Microsoft Sentinel
- Log correlation between Sentinel, Log Analytics, Defender XDR, and Entra ID
- Creation of intelligent and behavior-based alerts
- Configuration and operation of UEBA (User and Entity Behavior Analytics)
- Advanced operation of Microsoft Defender XDR, including hunting, analyses, automations, and incident response
- Support in the general administration of the Microsoft Defender Portal
- Configuration and operation of CASB (MDCA) with a focus on Threat Detection
- Analysis and improvement of policies for Microsoft Defender for Endpoint, Cloud Apps, and Office 365 products
- Investigation and analysis of IoCs in the Defender Portal and Microsoft Sentinel
- Analysis of incidents/alerts, alert tuning, and management of suspicious IoCs
- Security posture management via Microsoft Defender for Cloud, applying recommendations, policies, benchmarks, and CSPM/CWPP
- Application of security best practices in Azure (Identity, Network, Workloads, Governance, and Compliance)
- Integrations and automations using Logic Apps, PowerShell, KQL, or Azure CLI
- Development of SOAR automations in Sentinel via Logic Apps
- Architecture and configuration of log collections and connectors for Microsoft Sentinel
- Support in the development and documentation of operational processes
- Support in security for AI products / Agents using Microsoft tools
- Creation of guides, standards, and recommendations based on Microsoft security best practices
- Development of executive dashboards, security panels, and strategic reports for leadership and clients
- Consolidation of insights, indicators, and security metrics
Requirements and skills we are looking for:
- Degree in IT or related areas
- Postgraduate degree in Cybersecurity (preferred)
- Knowledge of implementation and technical adjustment of Microsoft tools (required)
- Mastery of Microsoft tools, especially Sentinel