Job Details – this job has expired, please see similar jobs below
CSIRT Engineer - CSA (SRO CSIRT Mexico)
Mexico City, Mexico Or Remote Mexico
The Company Security & Resiliency organization manages the security risk across all aspects of Company’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Company and further develop your career.
Company is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.
We are currently seeking an Incident Response Advisor to join our Security & Resiliency team, based in Bedford, MA. This role is responsible for investigating and reporting of major security incidents supporting all Company business units and mergers & acquisitions. This role requires experience in all phases of Cybersecurity Incident Response including preparation, analysis, notification, response, recovery, and post-mortem. The CyberSecurity Intelligence & Response Team (CSIRT) under Security & Resiliency team is responsible for coordinating with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role interacts with all levels of the organization, particularly within the Global IT organization and is viewed as a subject matter expert on Incident Response.
The focus of the role is representing the Incident Response teams in matters of Strategy and Architecture. The role will be the liaison between the CSIRT and project / operational teams across Company providing Incident Response subject matter expertise to these initiatives. This role will primarily focus on documenting the system and network telemetry gathered by CyberSecurity devices and the capabilities they provide to the Incident Response Team.
Represent the CSIRT organization on Security, IT and Business driven projects
◦ Formulation and prioritization of Incident Response Team’s requirements for projects and POCs
◦ Testing and validation of requirements and gap analysis
Provide IR focused subject matter expertise to various projects and initiatives
Responsible for helping to drive CSIRT strategy and architecture to ensure that it aligns with larger Company strategy
Work with CSIRT teams to assist with development of their strategy and to understand their architectural requirements
Assisting with maturing the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.
Interface with other CSIRT teams to continuously improve the Incident Response function through both process and function
6+ years of hands-on experience with a focus in areas such as systems, network, or information security / cybersecurity
3+ years of cybersecurity Incident Response experience
Should possess one or more of the following certifications – CISSP, SANS GCIH, GCIA, GNFA, GREM
Exceptional ability to conduct cybersecurity investigations, analyze and distill relevant findings and determine root cause
Strong knowledge of security technologies such as SIEM, Full packet capture, Firewall/NGFW, IDS/IPS, EDR, DLP, UEBA
Strong knowledge of web technologies, networking protocols, Microsoft Windows and Linux/Unix platforms and tools with related experience in corporate infrastructures
Strong technical experience and familiarity with various types and techniques of cyber-attacks, with the incident response and threat hunting lifecycles.
Excellent analytical thinking, time management, and coordination skills and excellent command in English (both written and verbal)
Ability to work in a dynamic and multicultural environment, with a positive and professional attitude
Sign up and search through 102,150 curated jobs in the Tech Edition: