Posted more than 30 days ago.
Senior SOC Specialist L3 - Windows - Remote at DRAFT
$90,000 to 100,000 MXN (gross)
Remote: Mexico
Full-time employee
English: Advanced level
The person in this position will support the Operations Team, providing high-quality services, and performing daily duties of monitoring, detecting, analyzing, and performing incident response to cyber threats against Company applications, platforms, networks, and information.
The Senior SOC Engineer will be a technical SME working to drive forward SOC, SIEM, and Security IR capabilities, tooling, and processes as per the Duties described below. The environment includes local area networks/wide area networks (LAN/WAN), Internet connections, public-facing services & websites, wireless, mobile/cellular, cloud-based applications, and services (IaaS, PaaS, SaaS), security devices, servers, end-user workstations and laptops, production manufacturing, and various other 3rd party connections & services.
How You Will Make a Difference
Key Responsibilities
Analyzing & reviewing escalated cases until closure. This includes investigations & recommending appropriate corrective actions for cyber security incidents.
Leading efforts in monitoring, reporting, and responding to major information security incidents.
Create & deploy Use Cases for SIEM. Periodically fine-tune the use cases as per business requirements.
Must have proven hands-on experience in security technologies such as – SIEM, SOAR, EDR, and DLP.
Scripting knowledge (Python, PowerShell, or Perl) would be an added advantage.
Create ad hoc reports & dashboards from SIEM as per requirements.
Troubleshooting log sources and log parsing issues.
Management, administration, upgrades & maintenance of security operations devices.
Responsible for integration and onboarding of standard and non-standard log sources in SIEM.
Understanding of various attack methods and mitigation techniques for on-premises and multi-cloud environments.
Root cause analysis preparation for major incidents.
Drive the outcomes of lessons learned to improve the organization's security posture.
Act as a point of escalation for L1 & L2 SOC personnel in support of Security Incident Response investigations.
Assess, identify, and create policies to automate incident response.
Coach and mentor junior analysts.
Support DLP solution and help define policies.
What We Can Offer You
Opportunity to join a growing, early-stage organization built within a mature, stable global company.
Friendly working environment and a diverse and highly motivated team.
Individual career development plan and possible career growth within a newly created account.
Truly international environment and daily interactions with colleagues and stakeholders from all over the world.
Attractive benefits & compensation package.
Flexible hours and remote work possibilities.
Skills For Success
Key Requirements/Minimum Requirements
Bachelor of Science from an accredited institution.
The ability to fluently read, write, understand, and communicate in English.
Strong knowledge of best practices in incident management, problem management, and change management.
Superior communication skills and ability to brief senior government officials.
5+ years of Information Security / Cybersecurity experience.
DESIRED SKILLS AND CERTIFICATIONS
7+ years total working in IT (experience can be various IT roles across infrastructure, network, security, application dev/ops).
Experience in networking and telecommunications integration, design, and architecture.
Strong OS knowledge of Windows and Linux, including networking and security.
Hold preferably two but at minimum one relevant industry certification (GCIH, GCED, CISSP, CEH, GMON, etc.).
Understanding of SIEM tools such as Splunk, FireEye Helix, ArcSight, Microsoft Sentinel, McAfee Nitro, etc.
Experience with Active Directory, IAM, PAM.
Experience building and maintaining a high-performance team of analysts.
Expertise with an industry-standard framework (ISO, NIST, PCI).
Experience maintaining metrics and SLAs.