Key responsibilities
- Monitor security events received through alerts from the SIEM or other security tools.
- Review alerts escalated by end users and carry out level 1 triage of incoming issues (initial assessment of the event's priority, initial determination of the incident to gauge risk and damage, or appropriate routing of security or privacy data requests).
- Carry out limited incident response with end users for low-complexity security incidents.
- Maintain the assigned ticket queue.
- Participate actively in the resolution of incidents, even after they are escalated.
Qualifications
- Technical degree or computing modules.
- 1 year of experience in a SOC.
- Proficiency in using security information and event management (SIEM) solutions.
- Familiarity with other security tools, including firewalls, intrusion detection systems (IDS), and vulnerability scanners.
- Security Essentials.
- Computer Forensic Investigation - Windows In-Depth.
- Security Incident Handling and Forensics.
- Nice to have: fluent in English and Spanish, written and spoken (B2 desired).
- Familiarity with prevalent cyber threats, such as malware, phishing attacks, and DDoS attacks.
- General network knowledge and TCP/IP troubleshooting.
- Ability to track down an endpoint on the network based on ticket information.
- Familiarity with system log information and what it means.
This position is in Querétaro.