Security Monitoring and Response job at Softtek, Ciudad de México - México

Security Monitoring and Response

  • Responsibilities:

·          Cyber security monitoring and managing the cyber security incident response lifecycle.

    The primary objectives are monitoring for cyber threats; responding to, analyzing and triaging alerts; conducting root cause analysis; and minimizing the impact of the threat.

·          Responsible for the day-to-day management of cyber security incidents and, through detailed analysis, interviews and threat research, able to discern a legitimate threat from a false positive event.

·          Includes the creation of an incident in a ticketing system, ownership and assignment of tasks, tracking, facilitation of meetings and analysis sessions, collection of data, note taking, communication, reporting, and management of documentation in the form of incident reports and procedure updates (IR playbooks and procedures).

 

  • Knowledge:

·          Network communications

·          Windows internals (subsystems, authentication process: Kerberos)

·          Unix

·          Intrusion Detection Systems (IDS), firewalls, load balancers, proxies, DLP

·          Email, including mail routing and email header analysis

·          Cloud computing concepts

·          PowerShell