Information Security Analyst (Remote - LATAM)
Atmosera
3h ago
Costa Rica
Tags: Security Operations, SOC Analyst, Cybersecurity, Threat Detection, Managed Security Services, Remote Cybersecurity Analyst, Information Security Analyst, IT & Security Operations Analyst, Information Security Risk Analyst, Security Analyst, Mid-level
Job Description
Atmosera empowers businesses to redefine what's possible with modern technology and human expertise. Our exceptional experience across Applications, Data & AI, DevOps, Security, and the Microsoft Azure platform enables organizations to accelerate innovation, enhance security, and optimize operational agility. As a Microsoft Partner with seven specializations, GitHub AI Partner of the Year, a member of the GitHub Advisory Board, and a member of the prestigious Microsoft Intelligent Security Association (MISA), Atmosera expertly delivers cutting-edge, integrated solutions that deliver business value.

As a Security Analyst, you will join a team of cybersecurity professionals delivering proactive Managed Security and Managed Governance services. In this role, you'll help safeguard our clients' environments by identifying vulnerabilities, deploying effective protective measures, and working collaboratively to mitigate risks while ensuring compliance with industry standards and regulations. The ideal candidate is highly analytical, possesses hands-on experience with Microsoft security solutions, and is passionate about staying ahead of emerging cyber threats.

Key Responsibilities

Security Monitoring and Alert Triage
- Monitor security alerts and incidents in Microsoft Sentinel, Defender XDR, and Defender for Cloud
- Triage incoming alerts to determine severity, impact, and required response actions
- Differentiate between false positives, benign activity, and actionable threats using established playbooks
- Perform continuous monitoring of cloud, identity, endpoint, and network telemetry

Incident Investigation and Response
- Investigate suspicious activity across Azure, Entra ID, Microsoft Defender XDR, and integrated data sources
- Correlate logs, events, and indicators to establish timelines and determine root cause
- Escalate confirmed or high-risk incidents to senior analysts or incident response teams
- Execute or recommend containment actions in accordance with defined procedures

Log Analysis and Detection Support
- Utilize Kusto Query Language (KQL) and Log Analytics to analyze security data
- Correlate events across identity, endpoint, network, and cloud workloads
- Identify trends, anomalies, and patterns indicative of malicious activity
- Provide input into detection tuning and rule optimization efforts

Documentation and Reporting
- Create and maintain detailed, audit-defensible investigation notes and case records
- Document all triage decisions, escalation rationale, and response actions
- Produce incident summaries and reporting for internal stakeholders and clients
- Participate in shift handoffs and maintain continuity of ongoing investigations

Threat Intelligence and Continuous Improvement
- Stay informed on emerging threats, vulnerabilities, and attack techniques
- Apply threat intelligence to contextualize alerts and improve detection accuracy
- Participate in post-incident reviews and contribute to process improvements
- Support tuning efforts to reduce false positives and improve detection fidelity

Collaboration and Client Support
- Work within a multi-tenant MSSP environment supporting multiple client environments
- Collaborate with engineering, incident response, and client-facing teams
- Provide clear and professional communication during incident escalations
- Support service delivery objectives, SLOs, and operational metrics

Required Qualifications
- 1+ years of experience in a Security Operations Center or related security role
- Hands-on experience with SIEM platforms (Microsoft Sentinel preferred)
- Experience analyzing logs from one or more of the following:
  - Azure / Entra ID
  - Microsoft Defender (Endpoint, Identity, Cloud, Office 365)
  - Windows / Linux systems
  - Network security tools (firewalls, IDS/IPS)
  - Cloud Security Posture Management - Defender for Cloud
- Basic understanding of incident response processes and frameworks
- Strong analytical and investigative skills

Preferred Qualifications
- Experience with the Microsoft security ecosystem:
  - Microsoft Sentinel
  - Microsoft Defender XDR
  - Microsoft Defender for Cloud
- Familiarity with KQL for log analysis and threat hunting
- Understanding of the MITRE ATT&CK framework and common attack techniques
- Experience in an MSSP or multi-tenant environment
- Relevant certifications:
  - Microsoft SC-200 (Security Operations Analyst)
  - CompTIA Security+ or equivalent

Competencies and Attributes
- Ability to make accurate triage decisions under pressure
- Strong written and verbal communication skills
- Attention to detail and evidence-based analysis
- Ability to follow and improve structured investigation processes
- Adaptability in a high-volume, alert-driven environment

Work Environment and Expectations
- Participation in a 24x7 SOC shift model may be required
- Exposure to high-volume alert environments requiring prioritization and efficiency
- Collaboration with geographically distributed teams and client stakeholders
- Continuous learning and development in Azure security and threat detection

This is a contractor position in the United States with the ability to work from home but may require travel to a cl
