Security Incident Response Specialist
6 days ago
Job Summary
The Senior Security Incident Response Engineer will be responsible for overseeing our security tools, conducting investigations of escalated notable events, and performing our processes. This role will also be responsible for supplying the SOC Security Tools and Detections roadmaps and collaborating with the SOC Management team and external teams on key initiatives.
Key Responsibilities
- Performing investigations of escalated notable events
- Initial collection of evidence related to called-out security events
- Collection of evidence related to compliance audits
- Validation and regular review of processes and procedures
- Identification, issue, and follow-up on false positives
- Process initial mitigation and containment procedures
- Create and maintain reporting related to security events
- Coordinate with service and operations teams to validate security events and anomalous activity
- Resolve and report on possible causes of security events and alerts
- Operate security tools for continual monitoring and analysis of system/network activity to identify malicious activity
- Assist in the construction of security alerts and processes based on knowledge gained from daily monitoring and triage
- Advise designated managers and responders of suspected cyber incidents, including the event's history, status, and potential impact
- Supervise external data sources to maintain basic knowledge of threat conditions
- Recognize a possible security violation and take appropriate action to raise the incident, as required
Requirements
- Solid grasp of computer networking concepts and protocols, and network security methodologies
- Host/network access control mechanisms
- Intrusion detection methodologies and techniques
- How traffic flows across the network (TCP/IP, OSI, ITIL)
- System and application security threats and vulnerabilities
- Types of network communications (LAN, WAN, MAN, etc.)
- File extensions (.zip, .sh, .pcap, .bat, .dll, .py, etc.)
- Interpreted and compiled computer languages
- Common attack vectors
- Attack classes (passive, active, insider, distributed, etc.)
- Incident response and handling methodologies
- Authentication, authorization, and access control methods
- Information technology (IT) security principles and methods
- Network traffic analysis methods
- Operating systems
- Cyber attackers
- Defense-in-depth principles
- System administration, network, and operating system hardening techniques
- Cyber attack stages
- Network security architecture concepts
- Windows/Unix ports and services
- Operating system command-line tools
- Network protocols
- Running knowledge of cyber threats and vulnerabilities
- Understanding security events related to operating system (Linux and Windows) logs, database logs, VPN logs
- Knowledge of adversarial tactics, techniques, and procedures
- Understanding the use of network tools (ping, traceroute, nmap, etc.), host-based tools (Tanium, basic Linux and Windows native tools), SIEM (Splunk, ELK, Lumberjack, Splunk Enterprise Security, etc.)
- Understanding of cybersecurity and privacy principles and related organizational requirements
Skills
- Detecting host and network-based intrusions via intrusion detection technologies
- Using protocol analyzers
- Recognizing and categorizing types of vulnerabilities and associated attacks
- Reading and interpreting signatures
- Conducting trend analysis
- Evaluating information for reliability, validity, and relevance
- Identifying cyber threats that may jeopardize the organization and/or partner interests
- Preparing and presenting briefings
- Providing analysis to aid in writing phased after-action reports
- Using Boolean operators to construct simple and sophisticated queries
- Using multiple analytic tools, databases, and techniques
- Using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches
- Applying virtual collaborative workspaces and/or tools (Zoom, JIRA, Confluence, Oradocs, Slack, etc.)
- Performing packet-level analysis
- Using a SIEM to detect, research, and perform initial triage of security events
- Exercising good judgment in escalating security events
Abilities
- Think critically
- Ability to think like threat actors
- Apply techniques for detecting host and network-based intrusions using intrusion detection technologies
- Interpret the information collected by network tools
- Recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists
- Effectively collaborate with virtual and remote teams
- Evaluate information for reliability, validity, and relevance
- Exercise judgment when policies are not well-defined
- Function reliably in a dynamic, fast-paced environment
- Ability to function in a collaborative environment, seeking continuous consultation with other analysts and guides, both internal and external to the organization, to demonstrate analytical and technical expertise
- Recognize and mitigate cognitive biases that may affect analysis
Other Requirements and Expectations
- Other tasks and duties as assigned
- Work effectively within a remote team including effective, constant, and collaborative communication with all members of the NSGBU SOC