Incident Response Team - Alert Analyst

Disponibilidad de horario, turnos 12x5

English Advanced 80-95%,

Aguascalientes, Hybrid w/Softtek

Monitor the ticket console and react to new and existing security tickets at a 1st line/Tier 1 level.

Tackle all security tickets regardless of the technology stream the ticket focuses on

Respond and Monitor Security Incident and Event Management (SIEM) platform alerts by investigating and analyzing potential security breaches and cyber security incidents.

Coordinate the response for confirmed security incidents, to include efforts to contain, remediate, recover, and prevent

Escalate tickets to more experienced engineers or 2nd Line team where appropriate

Responsibilities will include but are not limited to providing configuration and technical support of the physical security system.

Assist with monitoring and responding to security alerts generated by the Security Incident and Event Management (SIEM) platform.

Perform basic triage of security alerts and escalate as necessary to higher-level team members.

Support the maintenance and configuration of security tools and technologies.

Assist in the documentation of security incidents, processes, and procedures.

Collaborate with team members on security projects and initiatives.

Participate in security training and education to develop foundational knowledge and skills.

A Monitoring agent in cybersecurity services performs various critical functions aimed at ensuring the security and integrity of an organization's IT infrastructure. Plays a vital role in enhancing the cybersecurity posture of an organization by providing real-time visibility into its IT environment, detecting security threats, and facilitating timely response and remediation actions to mitigate risks and protect sensitive data and assets.