Trabajos

    Cybersecurity Tier 2 - Lagunilla, Costa Rica - Sysco Costa Rica

    Sysco Costa Rica
    Sysco Costa Rica Lagunilla, Costa Rica

    hace 2 horas

    Sysco Costa Rica background
    De jornada completa
    Descripción

    Cyber Security Analyst is responsible for the real-time identification and alerting of information security events that pose an immediate risk to Sysco's employees, customers, suppliers, shareholders, partners, or business operations.

    Requirements

    • Cybersecurity SOC Tier 2 analyst must be able to do the following:
    • Correlate threat data from various sources to establish the threat/impact against the network.
    • After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.
    • Remediation actions and apply lessons learned to security incident investigation and resolution
    • Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure
    • Develop processes which analyzes data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases
    • Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center
    • Create custom tool content to enhance capabilities of security operations teams
    • Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure
    • Provide support to Security Incident Management aligned with NIST standards

    Technical writing experience

    • Standard Operating Procedures
    • Runbooks/Playbooks
    • Incident Response Plans
    • Support training develop with both analysts and tabletop exercises
    • Assist or lead the effort in Tool configuration and content creation

    Qualifications:

    • 2-4 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
    • Degree in Computer Science, Information Technology, or equivalent work experience
    • Experience supporting Cyber Security Operations in a large enterprise environment
    • Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution
    • Experience with SIEM & Log Management solution
    • Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics
    • CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications
    • At minimum there must be one active security certification
    • Work schedule:
      • Monday to Thursday from 10:00 am to 8:00 pm.
      • Thursday to Sunday from 10:00 am to 8:00 pm.

    Experience with one or more of the following tools:

    • Qradar SIEM/Cortex XSOAR
    • SentinelOne
    • Proofpoint Email
    • Azure Suite
    • Zscaler

    Benefits

    • Hybrid (2 days Office/Ultra park II Lagunilla, Heredia)
    • Private Medical Insurance
    • Asociacion Solidarista
    • Life Insurance
    • Personal Day Off
    • Working Hours: 10am – 8pm local time