¡Activa las notificaciones laborales por email!
Security Monitoring Analyst
Santander
Ciudad de México
Presencial
MXN 200,000 - 400,000
Jornada completa
Genera un currículum adaptado en cuestión de minutos
Consigue la entrevista y gana más. Más información
Descripción de la vacante
A leading financial institution is seeking a Security Monitoring Analyst in Mexico City. In this role, you will join the Cyber Fusion Center, focusing on monitoring indicators of attack and improving security processes. Candidates should have 5-7 years of cybersecurity monitoring experience, proficiency with Splunk, and a strong understanding of security event analysis. Fluency in English and Spanish is required. This position offers a chance to significantly impact security strategies in a dynamic environment.
Formación
- 5-7 years of cyber security monitoring experience.
- Experience with Splunk searches and queries.
- Ability to think like an attacker.
Responsabilidades
- Monitor and detect security events from various technologies.
- Investigate and determine false positives.
- Document, investigate, and notify about security events.
Conocimientos
Herramientas
The Security Monitoring Analyst would join the Cyber Fusion Center (CFC) and work to monitor for indicators of attack and improve our processes and procedure. A successful candidate for this role will have experience reviewing security events from multiple systems (Windows, Unix, routers, switches and endpoints) and be able to understand what events are benign and what may be malicious based on data classification, behavior and context. While this role focuses heavily on review and triage of events, a successful candidate will also know how to design and implement correlation searches to respond to changes in the environment and reduce false positives.
- 5-7 years of cyber security monitoring experience
- Skilled with Splunk searches and queries
- Strong adversarial mindset (think like an attacker)
- Coaching and mentorship skills
- Monitor and detect security events from SIEM, Log collection Engines and other security technologies, such as Splunk and McAfee DLP
- Perform investigations using security platforms to determine false positives or escalate (i.e. IDS/IPS, DLP, etc.)
- Monitoring of health alerts and downstream dependencies
- Review and take a proactive approach to false positive and work with other teams to improve accuracy of the alerts
- Document, investigate and notify appropriate contact for security events and response; collaborate with technical teams for security incident remediation and communication
- Conduct security research on threats and remediation methods
- Prepares system security reports by collecting, analyzing, and summarizing data and trends; presents reporting for management review
- Fluent in English and Spanish
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
