Mam de la Frontera, S.A. de C.V.

Information (Cyber) Security Analyst

Mam de la Frontera, S.A. de C.V.

Abr. 07

Tijuana, Baja California

Giro

Maquiladora (Export.)

Actividad principal

Maquila, shelter

Número de empleados

8000

Sitio Web corporativo

Dirección

Águila Coronada 19491

Colonia o fraccionamiento

Baja Maq El Águila

Ciudad

Tijuana, Baja California

Descripción y detalle de las actividades

• Safeguarding of data and information, focused on the tenets of security that include Confidentiality, Integrity and Availability • Provide comprehensive support to protect and defend networks and all attached systems by validating configurations and ensuring regulatory compliance with HIPAA, NIST, FISMA/FedRAMP, FIPS and Corporate directives. • Supports the Outset Cybersecurity training and refresh training program. • Provide security reviews for configuration change requests and update appropriate certification and accreditation artifacts as applicable. • Utilize automated tools to identify critical flaws in connected devices and corporate systems. • Work with the business to determine high value assets. • Determine priority and criticality of vulnerability remediation based on analysis. • Work with business partners to make recommendations and provide guidance for remediation. • Compile and track vulnerabilities over time for metrics purposes. • Follow established process and procedure in use and support of operational software tools, hardware and system software. • Be willing and capable of learning new tools and processes. • Monitor SIEM, conduct data analysis, and evaluate logs for security events. • Support management of firewall, proxy, IDS/IPS, DLP, and Vulnerability Scanners. • Evaluate health and management of Anti-Virus, Anti-Malware, and other Advanced Threat agents in a global deployment • Create reports and enhance metrics based on data analysis. • Participate in threat hunting, threat modeling, and threat intel activities • Adhere to all corporate security policies and standards as they relate to job duties. • Provide on-call support on-site and after-hour support on an emergency basis, 24x7x365. • Influence technology decisions as a member of our engineering and cybersecurity leadership team • Participate in Scrum ceremonies and keep task notes and daily update progress in our ticketing systems.

Experiencia y requisitos

• 10+ years of information security and/or cybersecurity experience • Must have experience with automated vulnerability scanning tools. (Network, System, Static/Dynamic code analysis.) • Must understand the OWASP Top 10 and NIST CSF/RMF security controls. • Must demonstrate the ability to professionally communicate in verbal and writing skills. • Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security. • Must understand core networking (TCP/IP, routing, switching, wireless) and the OSI model. • Must have scripting skills (Powershell/Bash/Python) and an interest in data analysis. • Must understand basic cloud technologies and operating systems including Azure, AWS and Linux, including console level commands. • Must demonstrate skills and interest in supporting a variety of security systems such as IAM, SIEM, IDS/IPS, firewalls, proxies, host security software, and vulnerability scanners. • Analytical, innovative, creative, and disruptive. • Conceive and initiate projects; improvise and invent solutions in new, non-standard and unstructured situations • Must be able to work well through ambiguity; with confidences in making tough calls and leading through adversity with a sharp focus on the eventual right outcomes. • Medical device experience is a plus. • Must have a proven portfolio of successful projects in areas mentioned above. • Bachelor’s degree or higher from an accredited university or college with course work in Information Security, Cybersecurity, Information Management Systems, or Networking. • One or more of the following or higher certifications (CISSP, CAP, CND, Cloud+ GSLC, Security+, CEH, CASP+ CE, CISM, CCISO)

Número de vacantes

1

Área

Sistemas

Contrato

Permanente

Turno

Diurno

Jornada

Tiempo Completo

Estudios

Titulo Profesional

Inglés

Hablado: 90%, Escrito: 90%

Sexo

Indistinto