Incident Response Analyst - Ciudad de México - Orbia

Orbia
Verified company
Ciudad de México

2 weeks ago

Posted by:

Rodrigo Fernández

Talent recruiter for beBee


Description
Orbia Advance Corporation is a Purpose-led company with big aspirations. We are out to advance life around the world while maximizing value to our shareholders, customers and employees.

The Company is passionate about the topics that define how people will live and thrive tomorrow: the future of cities, buildings, agriculture, and materials.

Orbia Advance Corporation has five business groups which offer innovative solutions across multiple industries including building and infrastructure, data communications, chemicals and more.

In 2018, Orbia Advance Corporation bought a majority stake in Israeli-based Netafim, the world's leader in drip irrigation, and is helping the world 'grow more with less' as it helps to solve food and water scarcity.

Orbia Advance Corporation has operations in 41 countries with more than 22,000 employees.


We started as a producer of commodities and have evolved to become a provider of innovative solutions that address the global issues of rapid urbanization, water and food scarcity, and a growing and aging population.

We're already a global leader in Polymers, Fluor, Building & Infrastructure, Datacom, and Precision Irrigation.

We have embarked on a CEO-led transformation, as part of our journey to become a truly purpose-led, future fit company.


JOB IDENTIFICATION:


Company:
Orbia - Global Functions


Job Title:
Incident Response Analyst


Job Type:
Full-Time


Reports To:
Information Technology


Department:
Corporate Orbia, Cyber Security Operations


Location:
LATAM/APAC


Additionally, this role will help to identify gaps in Orbia's detection, prevention and response capabilities and propose strategies to correct those gaps, including developing new detection content and proposing engineering/architecture considerations.

Where possible, this role will leverage scripting, tools, and techniques to automate repetitive tasks.


This role will be a key technical contributor and a trusted advisor in incident analysis, providing both proactive outreach and reactive security support to the various business groups within Orbia.

On a day-to-day basis, this role will work closely with the Cyber Threat Operations team as well as Orbia's business groups, service and product vendors, IT leaders, and Security Engineering/Architecture leaders.

Upon declaration of a possible cyber crisis, this role will contribute to Orbia's overall Cyber Crisis Command structure, working closely with the crisis command team to drive remediation actions and resiliency.


MAIN RESPONSIBILITIES:

Provide technical contribution for the cyber threat detection and incident response program within Orbia.

Analyze security incidents identified by our external service providers and contextualize with Orbia-internal information. Validate whether the incident is a true/false positive and provide feedback to drive service provider improvement.

Support system owners with incident ticket resolution, including leading investigations, containment actions, and response/remediation steps.

Assist with development of common runbooks for most frequent or critical incident types.

Analyze root cause of recurring incidents and recommend and implement strategies to prevent reoccurrence in the future.

Work with service providers on tuning false positives so as to ensure most effective use of Orbia's resources.


Interface with IT stakeholders in each of Orbia's business groups and at the corporate level and serve as an escalation point to drive incident response and remediation.

Liaise when necessary with external incident response providers to perform digital forensics, malware analysis, and recovery operations.

Validate security control coverage against new or emerging cyber threats. Contribute to engineering initiatives to operationalize cyber threat intelligence sources within Orbia's detection tool suites.


Collaborate with others within the cyber threat operations team, working closely with peers in vulnerability management, penetration testing and red/blue team exercises, and crisis command and resiliency.

Consider and recommend new tools, processes, or strategies to enhance Orbia's incident management workflow and increase efficiencies.

Knowledge Required

Familiarity with relevant regulations, such as SOX, GDPR / data privacy, PCI-DSS, etc.

Knowledge of relevant frameworks, including Cyber Kill Chain and MITRE ATT&CK

Deep technical knowledge of security solutions and architecture principles and processes

Knowledge of scripting/programming languages, such as Python and PowerShell

Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

Understanding of threat actor groups and tactics/techniques/procedures

Excellent analytical and problem-solving skills

Ability to build strong partnerships in a matrixed environment.

Ability to learn, grow and take on expanded duties as business needs evolve

Superb judgment and integrity,
