Security Monitoring Analyst (Country: Mexico)
The Security Monitoring Analyst would join the Cyber Fusion Center (CFC) and work to monitor for indicators of attack and improve our processes and procedures. A successful candidate for this role will have experience reviewing security events from multiple systems (Windows, Unix, routers, switches and endpoints) and be able to understand what events are benign and what may be malicious based on data classification, behavior and context. While this role focuses heavily on review and triage of events, a successful candidate will also know how to design and implement correlation searches to respond to changes in the environment and reduce false positives.
Experience
Years of cyber security monitoring experience
Skilled with Splunk searches and queries
Strong adversarial mindset (think like an attacker)
Coaching and mentorship skills
Monitor and detect security events from SIEM, log collection engines and other security technologies, such as Splunk and McAfee DLP
Perform investigations using security platforms to determine false positives or to escrow (i.e., IDS/IPS, DLP, etc.)
Monitoring of health alerts and downstream dependencies
Review and take a proactive approach to false positives and work with other teams to improve the accuracy of alerts
Document, investigate and notify the appropriate contact for security events and response
Collaborate with technical teams for security incident remediation and communication
Conduct security research on threats and remediation methods
Prepare system security reports by collecting, analyzing, and summarizing data and trends; present reporting for management review
Fluent in English and Spanish