Listing Description
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.
We are currently seeking an Advisor Incident Response Analyst to join our Security & Resiliency team, based in Mexico. The ideal candidate will be responsible for investigating and reporting of major security incidents supporting all Dell business units and mergers & acquisitions. This role requires experience in all phases of Cyber Security Incident Response lifecycle. The Cybersecurity Intelligence & Response Team (CSIRT) under Security & Resiliency team is responsible for coordinating with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role requires some experience and expertise in the field since it is an escalation point.
The goal of the role is primarily monitor and respond to threats and Cybersecurity incidents in Dell’s infrastructure. Set up and maintain standard operating procedures and runbooks to meet the needs of Dell.
Key Responsibilities
- Serve as global escalation point for cybersecurity incidents in Dell infrastructure.
- Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by a security incident.
- Provide technical Incident Response guidance to the L1 Incident Response Analysts.
- Mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.
- Assist with the creation and refinement of Incident Response run books for analysis and response to cybersecurity incidents.
- Interface with L1s and L3s analysts to continuously improve the Incident Response function.
- Work with formal incident response tasks escalations to successfully execute the incident response plan.
- Work within a leveraged virtual incident response team to contribute in an incident response tasks.
- Communicate and build effective relationships with people at all levels.
- Create and propose security risks educational information for end-users.
- Investigate and analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
- Perform deep dive analysis of malicious artefacts.
- Participate in additional projects, assignments or initiatives as required.
- Work with the Security Response Center analysts on incident response tickets and manage / prioritize queue assignments.
- Participate in shift handoff activities
Requirements
- 2-4 years of cybersecurity Incident Response experience.
- 1-2 years of hands-on experience in a Security Operations Center.
- Should possess either one or more of the following certifications: SANS GCIH, GCLD, GCFA, GCED or CEH, CHFI.
- Exceptional analytical thinking, solve technical and business problems, time management and coordination skills and excellent command in English (both written and verbal).
- Exceptional ability to analyze and distill relevant findings and determine root cause.
- Ability to document and create timelines and reports.
- Knowledge and experience on security technologies such as EDR and Antivirus. Desirable experience on SIEM, Network packet capture, Firewall/NGFW, IDS/IPS, EDR, DLP.
- Knowledge and experience on Windows platforms, protocols and tools with related experience in corporate infrastructures to conduct investigations on compromised devices.
- Knowledge base in Linux/Unix OS and Cloud (Azure) environments.
- Strong technical experience and familiarity of various types and techniques of cyber-attacks, with the incident response and threat hunting lifecycles.
- Familiar with Digital Forensics Analysis, Memory Forensics Analysis and Anti-Forensics Detection is desirable.
- Ability to work in a dynamic and multicultural environment, team player, with a positive and professional attitude, and strong customer service skills.
- Hands-on experience in building automated tools in one or more of the following languages is a plus: PowerShell, Python, Ruby, Bash, Batch, C, and C++
Here’s our story; now tell us yours
Dell Technologies helps organizations and individuals build a brighter digital tomorrow. Our company is made up of more than 150,000 people, located in over 180 locations around the world. We’re proud to be a diverse and inclusive team and have an endless passion for our mission to drive human progress.
What’s most important to us is that you are respected, feel like you can be yourself and have the opportunity to do the best work of your life -- while still having a life. We offer excellent benefits, bonus programs, flexible work arrangements, a variety of career development opportunities, employee resource groups, and much more.
We started with computers, but we didn’t stop there. We are helping customers move into the future with multi-cloud, AI and machine learning through the most innovative technology and services portfolio for the data era. Join us and become a part of what’s next in technology, starting today.
You can also learn more about us by reading our latest Diversity and Inclusion Report and our plan to make the world a better place by 2030 here.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Dell encourages applicants of all ages. Read the full Employment Opportunity Policy here.
Job ID: R141216
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute