Information Security Analyst

Mindera works with a variety of clients across the world to innovate and solve tough technical problems. Our security team enables Mindera to meet security standards, such as UK Cyber Essentials Plus and ISO 27001, and keep all Minders safe from the bad guys’ hands. We are looking for an Information Security Analyst to work across all our locations. As a mid-level information security analyst, you will help the team monitoring Mindera’s infrastructure, managing vulnerabilities, responding to incidents, offering advice and support to Minders. You will also have the opportunity to contribute our procedures as well as research and integrate solutions to continually improve Mindera’s security posture. Important note: this role primarily involves working within European time zones, requiring a significant overlap with team hours. What you'll be up to - Security monitoring and alerting: Develop, maintain and fine-tune detection rules for our XDR platform. Investigate security events to determine whether an incident occurred; - - Vulnerability management: Run and analyse vulnerability scans, identify weaknesses, report results and co-ordinate remediation; - - Security enablement: Advise and answer queries from Minders, contribute to security guidelines, awareness and best practices. Work with development teams to integrate threat modeling into the software development lifecycle, identifying and mitigating potential security risks; - - Incident response: Provide assistance during containment and recovery, prepare reports and use the lessons learned to strengthen our defenses, applying frameworks like MITRE ATT&ACK; - - Systems integration: Develop scripts and tools to automate repetitive tasks, leverage Infrastructure as Code (IaC) principles to build and manage integrations across our security tools; - What are we looking for - Experience: You know what you’re doing and want to learn more. You have at least 3 years of hands-on experience in two or more relevant areas; - - Technical Skills: - - XDR Threat Detection/Response: You know your way around XDR platforms like Palo Alto, CrowdStrike, etc. You can confidently investigate security events. You know how build and tune detection rules with a clear understanding of the specific risks they are meant to catch and the impacts that they have on the incident response process; - - Vulnerability Management: You have hands-on experience with tools like Tenable, Qualys etc. You know how to create scans and reports, query the data and audit the platform itself. Knowledge of how to use the APIs for automation and vulnerability management processes is a plus; - - Scripting and Automation: You don't like doing repetitive tasks manually. You can write practical scripts to solve problems using languages like Python, or Bash; - - Change management: You know how to test, validate, rollout and rollback changes safely and securely; - - Operating Systems: You have solid Linux and macOS knowledge, as well as a practical understanding of how things work on Windows; - - Cloud and On-prem Infrastructure: You are familiar with networking concepts, cloud (AWS, GCP) and have a strong interest in learning and applying Infrastructure as Code (IaC) principles; - - Security Frameworks: You have a basic understanding of the concepts presented by frameworks like MITRE ATT&CK, NIST, CIS and what it means applying them in practice; - - Communication Skills: You’re a good communicator and are not afraid to ask. English is the main language used at Mindera, so you will be using it a lot, both spoken and in writing; - - Interpersonal skills: You can deal with many people from different backgrounds and skillsets and support them effectively; - - Growth Mindset: You can work autonomously and proactively in a distributed and dynamic organisation. You want to get things done, and done well; - 🎊 What’s in it for You? We work in Self-organization culture and therefore we offer a flexible, supportive environment where you are trusted to manage your own time and career. - Well-being First: health insurance and "Open Holidays" because we trust you to know when you need a break. - - Flexible Working hours and Work: Work from our vibrant hubs in Porto, Aveiro, or Coimbra, or choose a remote setup that works for you. As long as you are based in Portugal :) - - Career Growth: A dedicated budget for training and conferences, plus a transparent profit-sharing model. - - Tools for Success: Choose Laptop & Peripherals that best suit your needs, plus Hotspot with unlimited usage (PT), for work or Netflix ;) - - Team work makes the dream Work: Mindera Annual Trip, Sports, and sharing groups to connect and have fun! - 🫂Why Mindera? At Mindera, we use technology to build products we are proud of, with people we love. We believe diverse teams build better products. Mindera is a place where you can be your authentic self, regardless of gender, age, ethnicity, religion, or background. We strive to create an environment where everyone feels they belong and has an equal opportunity to grow. Most of all, you get to work with a group of great people in a politics free environment where the whole team owns the project together. Our culture reflects our lean and self-management mindset, encouraging colleagues to take risks, make decisions, collaborate openly, and communicate with everyone. Freedom and responsibility go hand in hand, and we value commitment, feedback, and empathy. We are proud of our work and love learning about everything as we navigate an Agile, Lean, and collaborative environment. Curious to know more? Check out our Blog and our Handbook! Our offices are located: Porto, Portugal | Aveiro, Portugal | Coimbra, Portugal | Leicester, UK | San Diego, USA | San Francisco, USA | Chennai, India | Bengaluru, India | Cluj-Napoca, Romania | Blumenau, Brazil