Security SOC/SIEM Analyst
Aguascalientes, Aguascalientes, Mexico
Information Technology, Security
Location: Aguascalientes, Mexico
- Platform: Splunk (primary), ELK, LogRhythm, IDS/IPS, Proofpoint, ESET.
- 3+ years' experience in IT security operations, SIEM, SOC, network security, threat analysis, or equivalent knowledge.
- Knowledge of network architecture strongly preferred.
- Experience in architecture, design and administration of security monitoring tools, such as firewalls, IDS/IPS, proxies, SIEM, etc.
- Experience performing manual and/or automated security configuration reviews of network devices, servers, and workstations.
- Experience driving remediation, such as firewall rule tuning, endpoint agent health, and insecure configurations.
- Understanding of network and system intrusion and detection methods. Examples of related technologies include Splunk, next-generation endpoint protection platforms (EPP), security information and event management (SIEM), and attacker tools, techniques and procedures.
- Experience with malware analysis, endpoint lateral movement detection methodologies and host forensic tools
- Experience managing a threat monitoring program, including process definition, threat assessment, related operational activities, and security oversight of risk mitigation.
- Experience developing SIEM content and use cases, specifically writing correlation and detection rules.
- Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement. Define security configuration for monitoring tools, including alerts, correlation rules, and reporting. Leverage a combination---