Se necesita Incident Response Analyst (Junior-Mid-Senior)
At New Talent, we are looking for our Client BM Global Services Buenos Aires (Important Multinational Professional Services Company in the process of Start up in Buenos Aires, Argentina), a Incident Response Analyst to join the Global Service Center in Buenos Aires, focused on providing high quality services to its internal clients around the world.
Skills: Ability to gather and analyze facts, draw conclusions, define problems, and suggest solutions, Maintain critical thinking and composure under pressure, Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Capable of providing assistance with the preparation of internal training materials and documentation, Ability to be productive and maintain focus without direct supervision, Passionate in the practice and pursuit of IR excellence, Exhibits a disciplined and rigorous approach to incident handling, Willing to accommodate shift-based work for a global organization, Provide exemplary customer service by striving for first call resolution and demonstrating, empathy, respect, professionalism, and expertise, Openess for Intercultural Collaboration.
Role Purpose: Global Incident Response Coordinator provides detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems in accordance with the firm's business objectives, regulatory requirements, and strategic goals.
Academic Credentials: Possess a Computer Science Bachelor’s Degree or substantial equivalent experience
• Language level: Proficiency in oral and written English.
Special Requirements, Licenses, and Certifications
• GCFE, GCFA, GCTI, GREM, GPEN, GWAPT
• CISSP or SSCP desired
• Five years of professional experience in information security with a focus on incident response and forensics.
• Applied knowledge of IR concepts and best practices, including forensics and chain-of-custody.
• Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
• Broad understanding of TCP/IP, DNS, common network services, and other foundational topics.
• Intermediate knowledge of malware detection, analysis, and evasion techniques.
• 3+ years experience in malware analysis (executables, scripts, office documents), rootkits, bootkits, traffic analysis (Wireshark) and proficient use of disassemblers (IDAPro) or debuggers (OllyDBG, winDBG).
• Experienced in penetration testing and vulnerability assessment on enterprise systems and networks to enhance network security. Experienced in web application penetration testing with BurpSuite or other similar web application security tools. Knowledgeable with software attack and exploitation techniques.
• Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances.
• Experienced threat hunter using with use of MITRE's ATT&CK or similar framework. Familiar with the hunting maturity model and understand a variety of different types of data analysis techniques to identify malicious activity. Created and published hunting procedures.
• 2+ years experience with digital forensics on host or network and identification of anomalous behavior on network or endpoint devices. Knowledgeable with industry standard forensic best practices while imaging, preserving, transporting and handling electronic data from a diverse set of digital data sources, including laptop and desktop computers, servers, networks and mobile devices.
• Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team.
• Receive, process, and resolve tickets per defined SLA's.
• Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly.
• Critically assess current practices and provide feedback to management on improvement opportunities.
• Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets.
• Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems.
• Provide assistance with forensic examinations and chain -of-custody procedures as directed by the Security Incident Response Engineers.
• Provide input into standards and procedures.
• Report compliance failures to management for immediate remediation.
• Maintain assigned systems to ensure availability, reliability, integrity, including the oversight of current and projected capacity, performance, and licensing.
• Provide status reports and relevant metrics to the Security Operations Manager.
• Contribute to the Firm's security-related information repositories and other marketing/awareness endeavours.
• Participate in special projects as needed.
Working day: Full Time / Permanent.
It offers: Excellent Contracting Conditions and Important Benefits