About the job
We are seeking a motivated Incident Detection and Response Analyst to join our dedicated cyberdefense team, where the CERT handles both SOC and CERT activities. As a cybersecurity incident responder, you will leverage your experience and degree to monitor, respond to, and mitigate cybersecurity incidents. Under the management of the global CERT manager, you will be part of the group of analysts for the Americas zone, working in coordination with the rest of the 24/7 CERT. Your role will be pivotal in ensuring that all anomalies are detected and handled in a timely and appropriate manner.
1. Incident Detection and Response:
• Monitor and analyze security alerts and logs to promptly identify and respond to potential security incidents.
• Participate in the response and investigation of security breaches, working closely with cross-functional teams to contain and mitigate threats.
• Apply your knowledge of incident response methodologies to minimize impact and conduct post-incident analysis.
2. Threat Analysis and Mitigation:
• Utilize your experience to analyze network traffic, logs, and other data sources to detect and investigate threats.
• Collaborate with internal teams to assess incidents and recommend appropriate remediation actions.
• Leverage advanced threat detection tools and techniques to proactively identify emerging risks.
3. Vulnerability Management:
• Apply your expertise in vulnerability assessment and penetration testing to identify ways of detecting exploitation.
4. Security Operations management:
• Participate in the operation and continuous improvement of security information and event management (SIEM) systems.
• Develop and refine standard operating procedures (SOPs) for incident response and other critical processes.
5. Threat Intelligence Integration:
• Stay abreast of emerging threats, vulnerabilities, and tactics through continuous research and engagement with cybersecurity communities.
• Incorporate threat intelligence into your daily analysis and response activities to enhance proactive threat detection.
6. Documentation and Reporting:
• Create comprehensive incident reports, analysis summaries, and documentation.
• Maintain meticulous records of incidents, investigations, and mitigation efforts.
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent work experience).
• Minimum of 2 years of hands-on experience in a SOC, CERT, or similar cybersecurity role.
• Professional certifications such as SANS FOR500 (or equivalent) are a plus.
• Proficiency in using EDR, SIEM and SOAR tools and other cybersecurity technologies.
• Demonstrated ability to analyze network traffic, logs, and security artefacts to detect and respond to threats. Windows forensics and scripting skills are a plus.
• Strong knowledge of the most common IT protocols (network, system, email, etc.).
• Experience in incident response methodologies, including containment, eradication, and recovery.
• Problem-solving skills and good resistance to pressure and crisis situations.
• Fluent in English and Spanish; French is a plus.
• The role is based in Mexico, Mexico.
At Danone we work to make a vision a reality: "One Planet, One Health".
Here you will have space to create, undertake, grow and above all to be yourself, thanks to our culture of Inclusive Diversity, where we are clear that "our differences are what make the difference".
Do things your way! The way you work, the way you develop and the way you progress is up to you. Be innovative, be entrepreneurial and the impact you will have will surprise you.
You will work with agile methodologies, in high performance teams where you will learn, influence and contribute to achieve specific goals and thus grow with the company.
We want you to come and see for yourself!