L1- Associate Cyber Security SOC
Mexico City, Mexico
Job ID: 56290
Ingram Micro touches 80% of the technology you use every day with our focus on Technology Solutions, Cloud, and Commerce and Lifecycle Solutions. With $50 billion in revenue, we have become the world’s largest technology distributor with operations in 64 countries and more than 35,000 associates.
- Perform triage of incoming issues (asses the priority and determine risk).
- Validate suspicious events and escalate as needed alerts that require analysis.
- Triage and investigate security events.
- Incident intake, ticket updates and reporting of cyber events.
- Act as the first line of defense while detecting and identifying the occurrences of cybersecurity events.
- Investigate security notifications.
- Analyze detected events to understand attack targets and methods.
- Processing DNS change requests to our registrar.
- Tune and implement configuration changes to security controls, as necessary.
- Stay up to date on information technology trends and security standards.
What you bring to the role
- A bachelor/s degree in I.T., Engineering, Cyber Security or related science and math discipline with an information emphasis or equivalent experience
- English Proficiency is a must.
- One or more years of full-time professional experience in the Information Security field
- Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment
- Answer incoming calls and monitor various email accounts and act according to SOC procedures and process
- Proactively identify and remediate threats occurring in the environment
- Participate in the day-to-day security operations monitoring and response from the Security Operations Center.
- Ability to generate comprehensive written reports and recommendations
- Ability to troubleshoot technical problems and ask probing questions to find the root cause or a problem
- Willing to work in shift schedule.
- Queue management of security events
- Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM) & Endpoint Detection and Response (EDR)
- Evaluate, respond, and mitigate alerts that originate from the SIEM and the security tools
- Familiarity with SANS top 20 critical security controls
- Familiarity with MITRE ATT&CK
- Basic understanding of vulnerability assessment tools.
- This position requites availability to work different shifts.
- Desired Certifications (CCNA Security, CCNA Security, CCNP Security, CompTIA Security +, GSEC or other Security Certifications.)