Job Details

Security SOC/SIEM Analyst

Company

Softtek

Published

2021-06-03

Closes

2021-08-31

Location

Aguascalientes, Mexico

Category

Information Technology, incidents, Splunk, SOC, IDS/IPS

Type

Description

Security SOC/SIEM Analyst

Platforms: Splunk (primary), ELK, LogRhythm, IDS/IPS, Cylance, Proofpoint, ESET.
a. Manage and understand IDS/IPS technologies.
b. 2 years' experience in IT Security Operations, SIEM, SOC, Network Security, Threat Analysis or equivalent knowledge.
c. Knowledge of network architecture strongly preferred.
d. Experience in the architecture, design and administration of security monitoring tools, such as firewalls, IDS/IPS, proxies, SIEM, etc.
e. Experience performing manual and/or automated security configuration reviews of network devices, servers, and workstations.
f. Experience driving remediation, such as firewall rule tuning, agent health on endpoints, and insecure configurations.
g. Understanding of network and system intrusion and detection methods. Examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security Information and Event Management (SIEM), and hacking tools, techniques and procedures.
h. Experience with malware analysis, endpoint lateral movement detection methodologies and host forensic tools.
i. Experience managing a threat monitoring program, including process definition, threat assessment, related operational activities and providing security oversight for risk mitigation.
j. Experience developing SIEM content/use cases, with specific experience writing content rules.
k. Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement. Define the security configuration for monitoring tools, including alerts, correlation rules, and reporting.

English level: Very Good

Relocation: AGS, CDMX, ENS, GDL, MTY