Cybersecurity Senior Incident Responder Americas
We are seeking an experienced and motivated Incident detection and response Manager to join our dedicated cyberdefense team, where the CERT handles the SOC and CERT activities. As a Cybersecurity senior incident responder, you will leverage your prior experience and expertise to monitor, respond to, and mitigate cybersecurity incidents. Under the management of the global CERT manager, you will lead the group of analysts for the Americas zone in coordination with the rest of the 24/7 CERT. Your role will be pivotal in ensuring the security and resilience of our organization's digital assets and infrastructure.
1. Incident Detection and Response:
- Monitor and analyze security alerts and logs to promptly identify and respond to potential security incidents.
- Lead the response and investigation of security breaches, coordinating with cross-functional teams to contain and mitigate threats.
- Apply your knowledge of incident response methodologies to minimize impact and conduct post-incident analysis.
- Threat Analysis and Mitigation:
- Utilize your experience to analyze network traffic, logs, and other data sources to detect and investigate threats.
- Collaborate with internal teams to assess incidents and recommend appropriate remediation actions.
- Leverage advanced threat detection tools and techniques to proactively identify emerging risks.
- Vulnerability Management:
- Apply your expertise in vulnerability assessment and penetration testing to identify exploitation detection ways.
- Security Operations management:
- Ensure incidents are handled in a timely and qualitative manner, identify areas for continuous improvement.
- Participate in the operation and continuous improvement of security information and event management (SIEM) systems.
- Manage the CERT analysts for the Americas zone, in coordination with the CERT manager.
- Provide mentorship and guidance to junior analysts, sharing your knowledge and fostering professional growth.
- Develop and refine standard operating procedures (SOPs) for incident response and other critical processes.
- Threat Intelligence Integration:
- Stay abreast of emerging threats, vulnerabilities, and tactics through continuous research and engagement with cybersecurity communities.
- Incorporate threat intelligence into your daily analysis and response activities to enhance proactive threat detection.
- Documentation and Reporting:
- Create comprehensive incident reports, analysis summaries, and documentation for management and regulatory purposes.
- Maintain meticulous records of incidents, investigations, and mitigation efforts.
Minimum Requirements:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent work experience).
- Minimum of 5 years of hands-on experience in a SOC, CERT, or similar cybersecurity role.
- Professional certifications such as Certified Ethical Hacker (CEH), and SANS FOR500 (or equivalent) are highly desirable.
- Strong proficiency in using EDR, SIEM and SOAR tools and other cybersecurity technologies.
- Demonstrated ability to analyze network traffic, logs, and security artefacts to detect and respond to threats. Windows forensics and scripting skills are a plus.
- Strong knowledge in most common IT protocols (network, system, email…)
- Proven expertise in incident response methodologies, including containment, eradication, and recovery.
- Strong communication skills,
both technical and non-technical, for effective collaboration and reporting.
- Leadership skills to mentor and guide junior analysts.
- Experience in OT cybersecurity would be a plus.
- Fluent in English and Spanish, French is a plus.
#J-18808-Ljbffr
