Blue Team Specialist

Looking to hire your next Blue Team Specialist? Here’s a full job description template to use as a guide.

About Vintti

Vintti is a strategic staffing agency that enhances the competitiveness of US businesses. By connecting SMBs, startups, and firms with highly skilled Latin American professionals, we offer a cost-effective solution to talent acquisition. Our model allows companies to access top-tier expertise at rates that significantly reduce overhead costs, enabling businesses to allocate resources more efficiently and boost their bottom line.

Description

A Blue Team Specialist is a cybersecurity professional dedicated to defending an organization's information systems from cyber threats. These specialists are tasked with identifying vulnerabilities, monitoring networks for suspicious activity, and implementing robust security measures to safeguard data. Through regular system audits, threat analysis, and incident response, Blue Team Specialists ensure the continual protection and resilience of an organization's digital assets. Their proactive defense strategies are essential for maintaining the integrity and confidentiality of sensitive information in an ever-evolving threat landscape.

Requirements

- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
- 3+ years of experience in cybersecurity, with focus on threat detection and incident response
- Strong understanding of network protocols, traffic analysis, and network security technologies
- Proficient in using security tools such as SIEM, IDS/IPS, firewalls, and antivirus software
- Experience conducting vulnerability assessments and penetration testing
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Familiarity with security standards and frameworks such as NIST, ISO 27001, and CIS
- Hands-on experience with scripting languages (e.g., Python, PowerShell)
- In-depth knowledge of operating systems (Windows, Linux) and their security features
- Industry certifications such as CISSP, CEH, GCIH, or equivalent
- Ability to work under pressure and manage multiple incidents simultaneously
- Demonstrated ability to work collaboratively with cross-functional teams
- Experience in developing and maintaining incident response plans and playbooks
- Strong understanding of threat intelligence and threat hunting methodologies
- Ability to mentor and provide guidance to junior staff
- Commitment to ongoing learning and professional development in cybersecurity
- Experience with cloud security practices (AWS, Azure, GCP) is a plus
- Knowledge of compliance regulations such as GDPR, HIPAA, and CCPA is desirable
- Ability to maintain confidentiality and handle sensitive information with discretion

Responsibilities

- Monitor and analyze network traffic for suspicious activity.
- Investigate security alerts and potential threats.
- Conduct vulnerability assessments and penetration tests.
- Develop and implement mitigation strategies.
- Respond to and manage security incidents and breaches.
- Maintain and update security systems such as firewalls, IDS/IPS, and antivirus software.
- Perform regular security audits and ensure compliance.
- Document and report security incidents and remediation actions.
- Conduct threat hunting to proactively identify potential threats.
- Develop and maintain incident response plans and SOPs.
- Participate in training and simulations to stay current with cybersecurity best practices.
- Mentor and provide guidance to junior team members.
- Evaluate and implement new security technologies and tools.
- Continuously improve security processes and practices.
- Coordinate with external partners during security incidents.
- Create and deliver security awareness training for employees.
- Maintain detailed documentation of security configurations and procedures.
- Stay informed about the latest cybersecurity threats and trends.

Ideal Candidate

The ideal candidate for the Blue Team Specialist role will possess a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a closely related field, with a minimum of three years of hands-on experience specializing in threat detection and incident response. This individual should demonstrate a strong understanding of network protocols, traffic analysis, and network security technologies, along with proficiency in security tools such as SIEM, IDS/IPS, firewalls, and antivirus software. They should excel in conducting vulnerability assessments and penetration testing, underpinned by robust analytical and problem-solving skills. The candidate will have excellent written and verbal communication capabilities and a solid familiarity with security standards and frameworks like NIST, ISO 27001, and CIS. Expertise in scripting languages such as Python or PowerShell and a deep knowledge of operating systems, particularly Windows and Linux, will be crucial. Possessing industry certifications like CISSP, CEH, or GCIH is highly desirable. The individual must be adept at working under pressure, managing multiple incidents concurrently, and consistently maintaining confidentiality. A proven collaborative team player, the candidate will also exhibit strong mentorship capabilities and a commitment to continuous learning and professional development in cybersecurity. Familiarity with cloud security practices (AWS, Azure, GCP) and knowledge of compliance regulations such as GDPR, HIPAA, and CCPA would be an advantage. The perfect fit will be highly analytical, detail-oriented, proactive, and self-motivated, with a penchant for investigative work and a passion for staying current with cybersecurity trends. An exceptional capacity for innovative thinking, maintaining high ethical standards, and strong organizational and time management skills will set this candidate apart, ensuring the ability to uphold best practices in security and effectively support internal stakeholders.

On a typical day, you will...

- Monitor network traffic and security alerts for signs of suspicious activity or potential threats.
- Analyze security logs, SIEM (Security Information and Event Management) data, and other relevant information to identify security incidents.
- Conduct vulnerability assessments and penetration tests to identify weaknesses in the network and systems.
- Collaborate with other IT and security teams to develop and implement mitigation strategies and security enhancement projects.
- Respond to and manage security incidents and breaches, including containment, eradication, and recovery procedures.
- Maintain and update security systems, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.
- Perform regular security audits to ensure compliance with company policies, industry standards, and regulatory requirements.
- Document and report security incidents, findings, and remediation actions to relevant stakeholders.
- Conduct threat hunting activities to proactively identify potential threats before they can cause harm.
- Develop and maintain incident response plans, playbooks, and standard operating procedures (SOPs).
- Participate in regular training and simulations to stay current with emerging threats and best practices in cybersecurity.
- Provide mentorship and guidance to junior team members and help in their professional development.
- Evaluate and implement new security technologies and tools to enhance the organization's security posture.
- Engage in continuous improvement of security processes and practices based on lessons learned from incidents and up-to-date threat intelligence.
- Coordinate with external partners, including third-party vendors and law enforcement, as needed, during security incidents.
- Create and deliver regular security awareness training and educational materials for employees across the organization.
- Maintain detailed and accurate documentation of security configurations, policies, and procedures.
- Stay informed about the latest cybersecurity threats, trends, and technologies by attending conferences, webinars, and reading industry publications.

What we are looking for

- Strong analytical and critical thinking skills
- Detail-oriented and attentive to subtle indicators
- Excellent verbal and written communication
- High level of integrity and ethical judgment
- Collaborative team player with strong interpersonal skills
- Ability to stay calm and decisive under pressure
- Proactive and self-motivated
- Strong problem-solving capabilities
- Eagerness to continuously learn and adapt
- High degree of professionalism and confidentiality
- Ability to multi-task and manage priorities
- Innovative and open to new ideas
- Technical curiosity and investigative mindset
- Resilient and able to handle criticism constructively
- Strong organizational and time management skills
- Aptitude for mentoring and teaching others
- Strong leadership potential and initiative
- Commitment to upholding best practices in security
- Ability to interpret complex technical data
- Patience and persistence in threat analysis work
- Passion for cybersecurity and staying current with trends
- Customer-focused mindset to support internal stakeholders

What you can expect (benefits)

- Competitive salary range of $90,000 - $130,000 based on experience and qualifications
- Comprehensive health, dental, and vision insurance
- 401(k) plan with company match
- Generous paid time off (PTO) and holiday schedule
- Flexible working hours and remote work options
- Professional development and certification reimbursement
- Opportunities for career advancement and growth within the organization
- Employee wellness programs and resources
- Company-sponsored events and team-building activities
- Tuition assistance for higher education
- Access to the latest cybersecurity tools and technologies
- Collaborative and inclusive work environment
- Life and disability insurance
- Employee Assistance Program (EAP) providing counseling and support services
- Performance-based bonuses and incentives
- Support for attending industry conferences and training sessions
- Parental leave and family support benefits
- Access to an internal knowledge-sharing platform and cybersecurity community
- On-site fitness center or subsidized gym membership
- Employee recognition and award programs
