Information Security Analyst

**Location: Monterrey or Matamoros, Mexico**:** Applications from persons not living in Mexico will NOT be accepted.**The Information Security Analyst is responsible for activities relating to monitoring and responding to security events. The analyst receives, researches, triages, and documents all security events and alerts as they are received, supporting multiple security-related platforms and technologies, interfacing with colleagues in the security team and beyond as well as external partners.Information Security Analysts improve the overall security posture of the enterprise. They evaluate, test, and document security solutions and controls, and work closely with other team members to remediate risk while ensuring the business can innovate. Analysts must continually adapt to stay ahead of attackers and the latest methods they use. Individuals in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and a discipline to protect the business.**Essential Job Duties**- Monitor and process response for security events on a 24x7 basis with other team members.- Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).- Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques, and procedures from security events across a large heterogeneous network.- Participate in threat modeling collaboration with other members of the security team.- Seek opportunities to drive efficiencies, leveraging automation and orchestration.- Assist with incident response as events are escalated, including triage, remediation, and documentation.- Aid in threat and vulnerability research across event data collected by systems.- Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.- Share information as directed.- Manage security event investigations, partnering with other departments as needed.- Evaluate policies and procedures, recommending updates to management as appropriate.- Adhere to service level agreements, metrics, and business scorecard obligations for ticket handling of security incidents and events.- Leverage knowledge in multiple security disciplines to offer global solutions for a complex heterogeneous environment.- Maintain working knowledge of advanced threat detection as the industry evolves.- Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.**Skills and Experience**- 2-5 years information security experience (or IT coupled with security).- Experience working with security incident and event management systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems, file integrity monitoring, data loss prevention, and other network and system monitoring tools.- Knowledge of a variety of internet protocols.- Experience working in a 24x7 operational environment with geographic diversity preferred.- Highly technical and analytical expertise.- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.- Experience with one or more of the following: NIST, ISO 27001, PCI DSS, HIPAA, HITECH, SOX,- GDPR, CCPA, CIS, or SOC 2.- Working knowledge of Windows, Mac, and Linux.- Experience with change and project management.- Fluency in English and at least one additional language in the region is required.**Education Requirements**- Preferably higher education with an analytical focus such as, but not limited to, information security, or equivalent industry experience.**Certification Requirements**- GCIH, GCIA, CND, ECIH, CEH, or CySA+ preferred.