Security Operations Center Analyst - Incident Response
McKinsey & Company
San Jose, Costa Rica
3 days ago
  • Bachelor's degree; Master's degree preferred (IT, Computer Science or Service Management preferred); military experience and/or equivalent experience
  • 3+ years of information security and/or cyber security experience; 3-5 years of experience in security monitoring and/or incident response
  • Experience in two or more of the following security domains: digital forensics (computer, memory, network, cloud, virtualization), malware analysis (dynamic and static), reverse engineering, pen testing, network investigations, threat hunting, threat intelligence, security engineering, OSINT
  • Awareness of security products and technologies and/or networking protocols (Splunk, ArcSight, QRadar, etc.)
  • Experience with cloud computing, both investigating and working with cloud infrastructure
  • Experience with microservices is preferred
  • Understanding of security alerts, including malware/phishing, denial of service, unauthorized access, etc.; knowledge of security tools, including SIEM, IDS/IPS, log aggregation, malware sandboxing, threat hunting, etc.
  • Security certifications such as GIAC certifications, or equivalent work experience, are preferred
  • Strong process management background with a keen interest in process development
  • Expertise in managing SOPs and process adherence by teams, with an eye for continuous improvement
  • Excellent interpersonal and collaborative skills
  • Strong written and verbal communication skills, with the ability to communicate security and risk-related concepts to both technical and non-technical audiences
  • Ability to multi-task, prioritize, coordinate and work well under pressure to meet deadlines

    You will work in our San Jose office as part of the Security Operations Center, in collaboration with fellow security analysts, engineers and other IT security specialists.

    The Security Operations Center (SOC) is McKinsey's internal security monitoring, detection and response organization, tasked with detecting and responding to threats on the firm's network.

    The SOC is a 24/7 organization with teams in different geographical zones to ensure continuous operations and coverage of security monitoring, detection and response.

    You'll investigate various types of security incidents, develop and improve existing security workflows to standardize incident response, and formulate incident response steps when a new, unprecedented incident is reported to the SOC.

    In this role you'll work both collaboratively and independently to accomplish a variety of security tasks as well as projects.

    You'll collaborate with security engineers to create use cases and correlation alerts in the SIEM for continuous security monitoring, embark on specialized security projects to mature the capabilities of the Security Operations Center, and mentor junior security analysts and train them in new security skills as required.

    You'll write both technical and executive incident reports when called upon, and you will be expected to keep learning and improving your security analysis skills to match current technical security challenges and innovations.
