DataArt

SOC Analyst (Mexico)

Archived since 30 August 2023
Monterrey
from $2,800

Position overview

You’ll take an active part in managing security alerts and incidents, threat hunting, threat intelligence, and purple team activities, as well as optimizing SIEM service, visibility coverage, and other active threat-protection control. In addition, you’ll be actively engaged in implementing new and improving existing security controls to detect, prevent, and deter cyberattacks. And you’ll have an opportunity to work with modern information security technologies, lead incident management processes, and work in a team of qualified InfoSec professionals.

Responsibilities

  • Manage the full lifecycle of security incidents
  • Improve incident management processes
  • Investigate alerts generated by different security tools and monitor events from critical components of infrastructure
  • Automate the processes of alert investigation, processing, remediation, containment, recovery, and incident management processes
  • Coordinate remediation activities and recovery operations upon security incidents
  • Optimize and improve the SIEM alerts logic, automation rules, playbooks, and processes
  • Assist in threat hunting, threat intelligence, and purple team activities
  • Assist with the maintenance of SOC documentation
  • Other InfoSec tasks

Requirements

  • Experience in Windows and Linux administration or user support
  • Basic understanding of cloud environments (Azure/AWS/GCP)
  • Strong understanding of TCP/IP networking concepts, VLANs, subnets, routing, and switching. Solid understanding of the OSI model and its underlying protocols (DNS, DHCP, SSL, HTTPS, FTP, email protocols, etc.)
  • Practical experience with security solutions including IPS/IDS, endpoint and server protection (AV/EDR/HIDS), network protection, proxies, firewalls, etc.
  • Non-work experience (university or self-paced labs) is also accepted
  • Deep understanding of the "CIA triad"
  • Good communication level
  • Fast learner
  • Desire to develop in the area of information security
  • Stress-resistance, creativity
  • Spoken English

Nice to have

  • Broad and high-level understanding of cyber security tools and processes
  • Basic understanding of penetration testing concepts, vulnerability management, and malware analysis
  • Experience in SOC or similar 24x7 operations center environment
  • Experience in advanced cyber security tools like SIEM, SOAR, Cloud protection, and WAF will be a great advantage
  • InfoSec certifications will be a big plus

Conditions

  • Working schedule:
    • 8x5 working week
    • Position includes shift work (no night shifts)
    • Position expects work from the office
© 2021—2025 ООО «Карьерное пространство»