General items:
Salary: 25,000 pesos net (take-home, plus legally mandated benefits).
Schedule: 7am - 4pm (Tijuana local time)
Work location: Amerikalink offices at Vía Rápida Poniente #15007 Zona Rio III Etapa La Mesa, 22440 Tijuana, BC.
The Network Security Analyst will be responsible for supporting computer network defense, to include auditing the network for vulnerabilities, developing solutions for security issues, and investigating security breaches.
Major Responsibilities include, but are not limited to:
Conducts network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
Correlates network activity across networks to identify trends of unauthorized use
Reviews alerts and data from sensors and documents formal, technical incident reports
Researches emerging threats and vulnerabilities to aid in the identification of network incidents, using external trusted intelligence sources and leveraging that knowledge to detect events of interest
Daily log monitoring of all network security devices and systems
Utilize network sniffer tools to perform packet analysis
Research external trusted intelligence sources and leverage knowledge to detect events of interest
Operate SIEM (AlienVault) consoles in order to monitor the environment for events of interest
Management and maintenance of SIEM
Daily firewall comparison checks against change requests
Daily WAF activity checks
Understand cyber-attack methods such as SQL Injection and Cross Site Scripting attacks (XSS)
Perform analysis of security logs in an attempt to detect unauthorized access
Execute incident response process when a security incident has been declared
Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
Document and present findings to management
Ongoing audits of inventory of servers, network nodes, workstations, software, hardware
Candidate Evaluation Criteria:
Technical expertise in analyzing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers
Understand a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS
Knowledge of attack vectors (malware, web application, social engineering, etc.)
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
Accredited certifications HIGHLY desirable, such as: GCIH (Certified Incident Handler), GCIA (Certified Intrusion Analyst), CEH (Certified Ethical Hacker), CCNA (Cisco Certified Network Associate)
Automation and scripting experience in Python or similar highly valued
Previous System Administration or Desktop Support experience
Experience with incident response and handling
Experience with open source technologies and environments
Experience with tools and appliances such as Nessus, IPS/IDS, Kali Linux, SIFT, Palo Alto, Cisco ASA, and SIEMs (AlienVault preferred)
Education and Experience
Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
3+ years of work experience in information security, especially in a network security analyst role
High School diploma or equivalent (e.g., GED)