Cybersecurity Leader for Advanced Threat Detection

4 days ago


Ciudad de México, Ciudad de México | Novartis Farmacéutica | Full-time
About the Role

The Associate Director of Threat Detection and Response will be an integral part of the Novartis Cyber Security Operations Center (CSOC). This advanced global team is passionate about active defense against sophisticated cyber threats and attacks.

This role involves leveraging a variety of tools and resources to proactively detect, investigate, and mitigate threats impacting Novartis' networks, systems, users, and applications. You will coordinate and communicate with technical and non-technical teams, including security leadership and business stakeholders.

As an experienced, skilled analyst, you will also supervise, coach, and mentor a team of junior and senior analysts. The right candidate should have 5+ years of experience in Incident Response / Computer Forensics / CSOC team / Threat Hunting or related fields.

Main Responsibilities:
  • Security Monitoring and Triage
    • Monitor security controls and consoles from across the Novartis IT ecosystem in real time.
    • Communicate with technical and non-technical end-users who report suspicious activity.
  • Forensics and Incident Response
    • Conduct initial investigations into security incidents involving various threats.
    • Gather live evidence from endpoint devices and log sources from a variety of systems and applications.
    • Support incident response activities, including scoping, communication, reporting, and long-term remediation planning.
    • Review technical reports and escalations for completeness and accuracy.
  • Big Data Analysis and Reporting
    • Utilize SIEM/big data to identify abnormal activity and extract meaningful insights.
    • Research, develop, and enhance content within SIEM and other tools.
  • Technologies and Automation
    • Interface with engineering teams to design, test, and implement playbooks, orchestration workflows, and automations.
    • Research and test new technologies and platforms; develop recommendations and improvement plans.
  • Day-to-Day Activities
    • Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response.
    • Coordinate investigation, containment, and other response activities with business stakeholders and groups.
    • Develop and maintain effective documentation, including response playbooks, processes, and other supporting operational material.
    • Perform quality assurance review of analyst investigations and work product; develop feedback and development reports.
    • Mentor junior staff and serve as the point of escalation for higher-severity incidents.
    • Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
    • Recommend or develop new detection logic and tune existing sensors/security controls.
    • Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the Novartis network.

Mandatory Skills and Qualifications:

  • 5+ years of experience in Incident Response / Computer Forensics / CSOC team / Threat Hunting or related fields.
  • Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as non-technical audiences.
  • Proven experience initiating and managing projects that will affect CSOC services and technologies.

Estimated Salary: $120,000 - $180,000 per year


