Key responsibilities
* Monitor security events received through alerts from the SIEM or other security tools
* Review alerts escalated by end users and carry out level 1 triage of incoming issues (initial assessment of the event's priority, initial determination of whether it is an incident and of its risk and damage, or appropriate routing of a security or privacy data request)
* Carry out limited incident response for end users on low-complexity security incidents
* Maintain the assigned ticket queue
* Participate actively in the resolution of incidents, even after they are escalated
Qualifications
* Technical degree or computing modules
* 1 year of experience in a SOC
* Proficiency in using security information and event management (SIEM) solutions
* Familiarity with other security tools, including firewalls, intrusion detection systems (IDS), and vulnerability scanners
* Security Essentials
* Computer Forensic Investigation - Windows In-Depth
* Security Incident Handling and Forensics
* Nice to have: fluent in English and Spanish, written and spoken (B2 desired)
* Familiarity with prevalent cyber threats, such as malware, phishing attacks, and DDoS attacks
* General network knowledge, TCP/IP troubleshooting
* Ability to track down an endpoint on the network based on ticket information
* Familiarity with system log information and what it means
This position is in Queretaro.