IT Security Incident Analyst
Regular
Exempt
GENERAL DESCRIPTION:
Responsible for ensuring compliance with security policies, procedures, and internal controls, and for analyzing, addressing, and resolving security events at the system, process, or user level.
ESSENTIAL FUNCTIONS:
Manages and implements the security event process, analyzing, classifying, referring, escalating, controlling, and eradicating events as necessary and as established in the security incident management policy.
Manages and configures the security platforms that monitor and log security events (for example, SIEM). Develops and maintains an updated digital archive of all events recorded and managed in security. Keeps records available for internal and external audit purposes.
Guarantees that our Security Operation Center (SOC) has up-to-date platforms, processes, and reports that handle security event detection.
Serves as the first level of contact for security events reported by the SOC or by internal processes that do not identify the Service Desk as the first level of contact; otherwise, serves as the second level of contact.
Identifies and analyzes processes that can be documented and assigned to the Company Service Desk to streamline processes and incident management.
Supports the production support area by handling second-level and third-level security support situations on production issues, which may include coordinating and maintaining communication with other internal units, vendors, and manufacturers external to the Company to resolve the situation presented.
Maintains communication with the Human Resources department to report information security events that must be escalated and/or addressed by this unit for compliance with the policy.
Advises users on all matters related to security events arising in the Company.
Prepares and sends a monthly summary report of recorded events, with the determination or status of each event.
Maintains up-to-date documentation necessary for their responsibilities, such as system inventories, applications and location, incident listings, flowcharts, diagrams, and any other documentation concerning the operation of the incident unit.
Performs recurring tasks for internal and external audit compliance. Maintains and provides all documentation and information related to their responsibilities to demonstrate the monitoring of established controls.
Conducts investigations to determine whether reported incidents are true positives or false positives and takes corrective actions accordingly.
Performs additional investigations when requested by other departments.
Monitors security control indicators to guarantee compliance with acceptable security level thresholds and different service level agreements. Keeps up to date on the latest security attack trends. Verifies and validates the action to be taken with each attack pattern.
Keeps up to date on new technologies and IT security issues, which will help them make recommendations that benefit the Company when implementing or replacing current processes to protect information and assets.
Takes part in privacy incidents to guarantee compliance with applicable industry laws and regulations.
Constantly reviews HIPAA regulations, delegated entities, and electronic transactions to guarantee compliance with them.
Must comply fully and consistently with all company policies and procedures, with local and federal laws, and with the regulations applicable to our industry, to maintain appropriate business and employment practices.
May carry out other duties and responsibilities as assigned, according to the requirements of education and experience contained in this document.
MINIMUM QUALIFICATIONS:
Education and Experience:
Bachelor's degree in Computer Science or Information Systems. Three (3) years of experience in the management or administration of IT security events or incidents and their platforms, such as SIEM, antivirus, patch management systems, and vulnerability scanning tools, among others.
"Proven experience may substitute for the requirements established above."
Certifications/Licenses:
Certifications such as Network+, Security+, CCNA, and CISSP are preferred.
Other:
Knowledge of cybersecurity and common attacks, such as DDoS attacks, brute-force attacks, SQL injection, ransomware, and so on.
Languages:
Spanish – Intermediate (comprehension, writing, and verbal)
English – Intermediate (comprehension, writing, and verbal)
"We are an equal opportunity employer and take Affirmative Action to recruit Women, Minorities, Protected Veterans, and Persons with Disabilities."