Se necesita Incident Response Analyst
We are recruiting for our client, a Leading Global Services Firm, an Incident Response Analyst to provide high quality services to its internal and external clients around the world.
The Incident Response Analyst will provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems in accordance with the firm's business objectives, regulatory requirements, and strategic goals.
- Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team.
- Receive, process, and resolve tickets per defined SLA's.
- Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly.
- Critically assess current practices and provide feedback to management on improvement opportunities.
- Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets.
- Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems.
- Provide assistance with forensic examinations and chain -of-custody procedures as directed by the Security Incident Response Engineers.
- Provide input into standards and procedures.
- Report compliance failures to management for immediate remediation.
- Maintain assigned systems to ensure availability, reliability, integrity, including the oversight of current and projected capacity, performance, and licensing.
- Provide status reports and relevant metrics to the Security Operations Manager.
- Contribute to the Firm's security-related information repositories and other marketing/awareness endeavours.
- Participate in special projects as needed
Skills and Experience:
- +2 years of professional experience in information security with a focus on incident response and forensics.
- Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody.
- Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
- Broad understanding of TCP/IP, DNS, common network services, and other foundational topics.
- Working knowledge of malware detection, analysis, and evasion techniques.
- Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behaviour, and provide recommendations for mitigating and detecting malware.
- Able to analyze suspicious websites, script-based and malware code
- Experienced with vulnerability management tools such as Qualys, Nessus or other vulnerability scanning discovery tools
- Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances.
- Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks.
- Strong written and oral communication skills. Proficiency in oral and written English.
- Experience with digital forensics on host or network and identification of anomalous behaviour on network or endpoint devices. Familiar with host and network based forensic tools such as EnCase, FTK, Sleuth Kit, X Ways etc.
- GSEC and GCIH are highly desired
- Bilingual English level
We offer very attractive hiring terms and benefits, directly with the company.
Working place: Puerto Madero
If you are looking for challenge, this is your opportunity!