Software AG helps companies to manage and optimize their operations, infrastructure and technology with products that simplify complexity, increase transparency and prepare organizations for change.
Trusted by the world’s best brands for more than 50 years, Software AG’s AI-enabled process intelligence, application development, high-performance database, and strategic portfolio management solutions are used by banks, retailers, manufacturers, governments and more.
Software AG’s Adabas database & Natural development platform are used by the world’s leading organizations to build and deploy high-performance, mission-critical applications for IBM Z®, Linux® and cloud. Governments and businesses (in finance, manufacturing, retail and more) tailor these applications to give their organization a distinct competitive advantage and optimize them to meet the most demanding operational service level agreements. With a pledge to innovate Adabas & Natural to 2050 and beyond, we ensure our customer’s mission-critical Adabas & Natural applications are Future ready. Now.
Be you, join us.
About the role
Software AG is seeking a detail-oriented and pragmatic SecOps Responder to support external cybersecurity incident response and act as a key liaison between the Security Operations Center and internal IT teams. This role is based in São Paulo, Brazil, and is responsible for rapid containment, remediation, and initial forensic actions during active security events. The successful candidate will be calm under pressure, technically strong, and confident in taking decisive action when threats emerge.
What you will do
Act as the first line of defense, owning the first steps of our incident response process.
Isolate compromised endpoints and execute emergency containment actions when needed.
Revoke tokens, reset accounts, and support identity protection response activities.
Perform initial forensic review and document incident details accurately.
Support compliance with the Americas zero-trust security baseline for laptops and endpoints.
Coordinate response activities with regional and global security stakeholders.
Maintain clear incident records, action logs, and follow-up remediation tasks.
What you bring
5+ years of experience in IT or cybersecurity operations.
Strong hands-on experience with Microsoft Defender for Endpoint and Microsoft Sentinel.
Solid understanding of incident response processes and the Cyber Kill Chain.
Ability to stay focused and make sound decisions in high-pressure situations.
Sharp analytical mindset with strong attention to detail.
Experience with endpoint security, identity protection, and access management.
Nice to have
Experience in a regional SOC or global security operations environment.
Familiarity with Microsoft Purview or broader Microsoft Security Stack tools.
Exposure to zero-trust implementation or endpoint compliance programs.
Experience working across multiple time zones and international teams.
Why this role matters
This is a high-trust role with real authority to act fast during incidents. You will help protect the Americas region by containing threats before they spread and by ensuring security standards remain strong across endpoints and identities. The role offers direct ownership, meaningful impact, and the opportunity to work with a modern Microsoft security environment.
At Software AG we are committed to providing an environment of mutual respect and fairness where equal employment opportunities are available to all applicants and employees without regard to race, colour, religion, gender, pregnancy, national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, and any other characteristic protected by applicable law.
We believe that diversity, equity, and inclusion is critical to our success as a global company, and we seek to recruit, compensate, develop, promote, and retain the most talented people from a diverse candidate pool.