Detection and Response Specialist - Cybersecurity

Acerca de nuestro cliente

Multinational Company

Descripción

We are looking for a bilingual and experienced Monitoring, Detection, and Response Specialist to join our cybersecurity team. This fully remote role (based in Colombia) requires a strong background in security operations, threat detection, and incident response. The ideal candidate will lead the development and automation of processes to respond to security incidents, ensuring the protection of the organization's systems, networks, and data from cyber threats.

Cyber Monitoring & Detection

• Design and manage security monitoring systems to identify threats.
• Optimize SIEM tools (e.g., configuring alerts, dashboards, and reports).
• Continuously monitor logs and use threat intelligence to detect anomalies.
• Fine-tune detection rules to reduce false positives.
• Design log ingestion processes based on business needs.

Incident Response

• Define and lead the full incident response lifecycle (preparation to post-incident).
• Coordinate with internal/external teams (IT, legal, communications).
• Develop and test incident response playbooks.
• Conduct post-incident reviews and simulations (e.g., tabletop exercises).
• Monitor incident response tools and integrate advanced logs.
• Align detection rules with MITRE ATT&CK and other frameworks.
• Define and automate incident response actions.
• Establish maturity models and metrics for monitoring.
• Escalate high-severity incidents (L3/L4).
• Implement ticketing systems and evaluate tools for incident response.

Collaboration & Reporting

• Identify and implement automation opportunities.
• Continuously improve incident response processes.
• Work with cross-functional teams to align security practices.
• Evaluate third-party tools and vendors.
• Provide guidance on threat detection and response.
• Report on incident metrics, KPIs, and trends.
• Mentor junior analysts and support investigations.

Perfil buscado (h/m)

• Language: Bilingual (English-Spanish), B1/B2 level.
• Education: Bachelor's in Computer Science; postgraduate in cybersecurity is a plus.
• Certifications: GCIH, GCFA, CEH, or similar are highly desirable.
• Experience: 5+ years in cybersecurity, 3+ in detection and response.
• Tools: Experience with SIEMs (Splunk, QRadar, etc.), EDR/XDR, cloud platforms (AWS, Azure, GCP).
• Skills: Strong knowledge of NIST/SANS frameworks, network protocols, communication, problem-solving, and adaptability under pressure.

Qué Ofrecemos

• Opportunity to join a multinational company and work with international teams