Security Engineer - Threat Hunting

November 5


Description

• You will protect our infrastructure by collecting, analyzing, and monitoring logs and events.
• Monitor security alerts and notifications from various sources, including applications, network devices, operating systems, EDR, etc.
• Investigate and analyze security incidents, including potential breaches, malware infections, and policy violations.
• Coordinate with other teams to contain and remediate security incidents, minimizing impact and recovery time.
• Document and report on incident details, responses, and resolutions.
• Perform continuous monitoring of network traffic, system logs, and security events to identify anomalies and potential threats.
• Analyze security alerts and perform detailed forensic investigations to determine the root cause of incidents.
• Maintain and optimize security tools and technologies, including SIEM platforms, IDS/IPS, endpoint protection, EDR, and threat intelligence feeds.
• Configure and tune security systems to reduce false positives and improve detection capabilities.
• Create and maintain detailed documentation for security incidents, including incident reports, post-mortem analysis, and lessons learned.
• Prepare and present regular reports on security incidents, trends, and metrics to senior management.
• Ensure compliance with relevant regulatory requirements and internal policies.
• Work closely with IT to enhance our security posture and respond to emerging threats.
• Collaborate with external partners, vendors, and law enforcement when necessary for incident resolution and information sharing.
• Provide guidance and support to junior security staff and other teams on security best practices and incident handling.
• Stay up to date with the latest cybersecurity trends, threats, and technologies.
• Create dashboards and KPIs.
• Participate in ongoing training and professional development to enhance skills and knowledge.
• Contribute to developing and refining SIEM procedures, playbooks, and response strategies.
• Assist in creating and updating security policies, procedures, and incident response plans.
• Ensure that security controls are consistently applied and followed across the organization.
• Adhere to the policies set out by the organization.
• Follow and improve existing procedures.
• Keep your work organized through tickets (Jira).
• Prepare and provide reports (weekly, monthly, and ad hoc) to top management as necessary.
• Maintain the knowledge required for successful and efficient delivery of these responsibilities.
• Keep abreast of new threats and vulnerabilities and provide analysis where applicable.
• Help the organization understand advanced cyber threats.
• Possibility of on-call duty after working hours and on weekends.

Requirements

• A five-year university degree or four-year college diploma, preferably in computer science, telecommunications, or another related academic field, or equivalent work experience, is required.
• At least 5 years of work experience in similar roles.
• Working, hands-on experience running and handling SIEM on Splunk and EDR on CrowdStrike.
• Data analysis experience.
• Experience working collaboratively with cross-functional/transverse IT teams.
• Ability to apply a risk-based approach while working on assigned responsibilities.
• Good understanding of reporting needs at various organizational levels and the ability to design, create, and present such reports.
• Experience working with BI tools to prepare dashboards.
• Troubleshooting and problem-solving capabilities.
• Excellent analytical, communication, and documentation skills.
• Ability to organize and prioritize work according to the operation's needs.
• Ability to work independently and as part of the Information Security Team, under minimal supervision.
• Time management skills and the ability to manage work in a fast-moving environment.
• Full professional proficiency in Spanish and English.
• Knowledge of other SIEMs (Graylog, Google Chronicle, etc.) is a bonus.
• Knowledge of data analysis is a bonus.
• Any cybersecurity certification is a bonus.

Benefits

• 22 days of annual leave
• 10 days of public/national holidays
• Health insurance options
• Access to online learning platforms
• On-site English classes in some countries
• and more.
