Security Operations Responder

Software AG

Software AG

Brazil

Posted on Apr 29, 2026

About the role

Software AG is seeking a detail-oriented and pragmatic SecOps Responder to support external cybersecurity incident response and act as a key liaison between the Security Operations Center and internal IT teams. This role is based in São Paulo, Brazil, and is responsible for rapid containment, remediation, and initial forensic actions during active security events. The successful candidate will be calm under pressure, technically strong, and confident in taking decisive action when threats emerge.

What you will do

  • Act as the first line of defense, owning the first steps of our incident response process.

  • Isolate compromised endpoints and execute emergency containment actions when needed.

  • Revoke tokens, reset accounts, and support identity protection response activities.

  • Perform initial forensic review and document incident details accurately.

  • Support compliance with the Americas zero-trust security baseline for laptops and endpoints.

  • Coordinate response activities with regional and global security stakeholders.

  • Maintain clear incident records, action logs, and follow-up remediation tasks.

What you bring

  • 5+ years of experience in IT or cybersecurity operations.

  • Strong hands-on experience with Microsoft Defender for Endpoint and Microsoft Sentinel.

  • Solid understanding of incident response processes and the Cyber Kill Chain.

  • Ability to stay focused and make sound decisions in high-pressure situations.

  • Sharp analytical mindset with strong attention to detail.

  • Experience with endpoint security, identity protection, and access management.

Nice to have

  • Experience in a regional SOC or global security operations environment.

  • Familiarity with Microsoft Purview or broader Microsoft Security Stack tools.

  • Exposure to zero-trust implementation or endpoint compliance programs.

  • Experience working across multiple time zones and international teams.

Why this role matters

This is a high-trust role with real authority to act fast during incidents. You will help protect the Americas region by containing threats before they spread and by ensuring security standards remain strong across endpoints and identities. The role offers direct ownership, meaningful impact, and the opportunity to work with a modern Microsoft security environment.

See more open positions at Software AG