- Distinguish, interrupt and suppress threat actors on enterprise networks
- Detecting and assessing cyber security events and incidents
About our client
American distributor of information technology products and services
The main responsibilities are:
- Investigate events and incidents to gather evidence and analyze in a comprehensive, consistent, and measurable manner
- Evaluate, respond to, and mitigate alerts that originate from the SIEM and other security tools
- Hunt for suspicious and malicious threats within the environment
- Identify common false positives and make suggestions on tuning to reduce alert-fatigue
- Join forces with internal Security Incident Response Team (SIRT) during investigations
- Train and mentor other team members to develop a high-performing team
- Author investigation reports for technical and non-technical audiences
- Work in 12-hour shifts (2-2-3 schedule)
Desired profile (Male / Female)
- Two or more years of full-time professional experience in the Information Security field
- Experience working in an internal Security Operations Center (SOC) or Managed Security Service (MSS)
- Collaborate with Security Architecture and Engineering to operationalize new security controls
- In-depth working experience with security tools such as Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR), and Anti-Virus
- Familiarity with MITRE ATT&CK and methods to detect suspicious and malicious behavior
- Basic understanding of vulnerability assessment tools
- Previous experience as a point of escalation in a technical environment
- One or more security-related certifications preferred (e.g. Security+, GSEC, CEH, GMON, GCIH, CISSP)
Competitive salary and company perks.