To apply for this position, you must be located in the Americas (United States of America is not applicable). Applications from other locations will be disqualified from this selection process.
We are...
a cutting-edge e-commerce company developing products for our technological platform. Our creative, smart, dedicated teams pool their knowledge and experience to find the best solutions to meet project needs while maintaining sustainable and long-lasting results. How? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative, and respectful culture.
What you will be doing...
You will protect our infrastructure by grabbing, analyzing and monitoring logs and events. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.
Must also be bilingual: English/Spanish.
Key responsibilities of this Role
- Monitor security alerts and notifications from various sources, including applications, network devices, operating systems, EDR, etc.
- Investigate and analyze security incidents, including potential breaches, malware infections, and policy violations.
- Coordinate with other teams to contain and remediate security incidents, minimizing impact and recovery time.
- Document and report on incident details, responses, and resolutions.
- Perform continuous monitoring of network traffic, system logs, and security events to identify anomalies and potential threats.
- Analyze security alerts and perform detailed forensic investigations to determine the root cause of incidents.
- Maintain and optimize security tools and technologies, including SIEM platforms, IDS/IPS, endpoint protection, EDR, and threat intelligence feeds.
- Configure and tune security systems to reduce false positives and improve detection capabilities.
- Create and maintain detailed documentation for security incidents, including incident reports, post-mortem analysis, and lessons learned.
- Prepare and present regular reports on security incidents, trends, and metrics to senior management.
- Ensure compliance with relevant regulatory requirements and internal policies.
- Work closely with IT to enhance our security posture and respond to emerging threats.
- Collaborate with external partners, vendors, and law enforcement when necessary for incident resolution and information sharing.
- Provide guidance and support to junior security staff and other teams on security best practices and incident handling.
- Stay up-to-date with the latest cybersecurity trends, threats, and technologies.
- Creation of dashboards and KPIs.
- Participate in ongoing training and professional development to enhance skills and knowledge.
- Contribute to developing and refining SIEM procedures, playbooks, and response strategies.
- Assist in creating and updating security policies, procedures, and incident response plans.
- Ensure that security controls are consistently applied and followed across the organization.
- Adhere to different policies set out by the organization.
- Follow and improve existing procedures.
- Keep your work organized based on tickets (Jira).
- Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
- Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
- Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
- Help the organization understand advanced cyber threats.
- Possibility to perform on-call after working hours and weekends.
Knowledge and skills you need to have
- Five years of a university degree or four-year college diploma, preferably in computer science, telecommunications, or other related academic fields, or equivalent work experience, are required.
- At least 5 years of work experience in similar roles.
- Working and hands-on experience in running and handling SIEM on Splunk.
- Data analysis experience.
- Experience in working collaboratively with cross-functional/transverse IT teams.
- Ability to apply a risk-based approach while working on assigned responsibilities.
- Good understanding of reporting needs at various organizational levels and ability to design, create, and present them.
- Experience in working with any BI tools to prepare dashboards.
- Troubleshooting and problem-solving capabilities.
- Excellent analytical, communication, and documentation skills.
- Ability to organize work and prioritize work as per the operation’s needs.
- Ability to work independently and as part of the Information Security Team, and can work under minimal supervision.
- Should have time management skills and manage work in a fast-moving environment.
Competencies:
- Reading comprehension: You must be able to read and understand the existing procedures and the tasks assigned to tickets. This is crucial for you to work under minimal supervision and excel. If you are a technical guru but don't understand the assigned tasks in writing or don't clarify doubts, this is not your job.
- Organization: This position has 50% recurring tasks (e.g. reviewing abnormal logs every day), 30% research tasks (e.g. understand why certain logs are received and identify the root cause), 10% chasing other teams (e.g. ensuring that we receive logs from every single application and device), and 10% procedures (e.g. creating new procedures).
- Prioritization: You must attend to the priorities of the assigned tasks and assign the right priority to the SIEM alerts.
- Strong interpersonal, written, and oral communication skills.
- Ability to prioritize and execute tasks during a high-pressure moment and make sound decisions in emergencies.
- Ability to present ideas in a user-friendly language.
- Keen attention to detail.
- Proven analytical and problem-solving abilities.
- Strong customer service orientation.
- Ability to manage multiple projects, activities, and tasks simultaneously.
- Facilitation and change management skills.
Bonus points for the following
Additional requirements, not essential but "nice to have":
- Knowledge of other SIEM (Graylog, Google Chronicle, etc.).
- Knowledge of data analysis.
- Any Cybersecurity certification.
Why choose us?
We provide the opportunity to be the best version of yourself, develop professionally, and create strong working relationships, whether working remotely or on-site. While offering a competitive salary, we also invest in our people's professional development and want to see you grow and love what you do. We are dedicated to listening to our team's needs and are constantly working on creating an environment in which you can feel at home.
We offer a range of benefits to support your personal and professional development:
Benefits:
- 22 days of annual leave
- 10 days of public/national holidays
- Health insurance options
- Access to online learning platforms
- On-site English classes in some countries, and more.
Join our team and enjoy an environment that values and supports your well-being. If this sounds like the place for you, contact us now!