Posted more than 30 days ago.
Security Intel & Operations Consultant - Hybrid at IBM
Salary hidden
Jalisco - Hybrid
Full-time employee
English: Advanced level
Required Professional and Technical Expertise: Understanding of network, host, cloud and email-based Cybersecurity events
Ability to work in a team to troubleshoot and solve complex problems
Tier 1 analyst support, eyes on glass on Splunk which is now their SIEM. Also other tool feeds and alerts. Responding to alerts, initial triage and escalation. Support on shift 2 and 3 evening/night
Has a SOC with Splunk SIEM, requires second and third shift coverage, triage of alerts. Sources: Endpoints, WAF, phishing e-mails, Palo Alto.
Initiate triage on notable (network detection / intrusion) events in order to determine if malicious activity is occurring or has occurred within the NextEra environment
Analyze e-mails submitted by users for malicious content
Escalate potential Cybersecurity issues and participate in investigation triage calls
Accurately document findings in the appropriate system and close out investigations
3rd shift potential