IC3 - IT Security Analyst – Operations

Objective of the Role 

As an IC3 IT Security Analyst - Operations, you will be responsible for ensuring the stability and security of our technological assets and products. This role involves maintaining continuous protection for our clients through security controls across web and mobile applications, cloud environments, end-user devices, on-premises infrastructure, perimeter networks, and data. You will play a critical role in executing the security operations strategy and responding effectively to security incidents. 

Main Responsibilities 

1. Develop and ensure the correct execution of security operation processes to secure, stabilize, and make our products available through robust security controls. 
2. Administer and maintain the operation of security technologies such as WAF, ABP, EDR, VPN, FW, DLP, CASB, CSPM, HSM, Anti-phishing, IPS/IDS, Data Protection, Appdome, Salt Security, etc. 
3. Coordinate the attention to new requirements and problem-solving. 
4. Collaborate with Tech, Architecture, and other relevant teams to integrate new security controls that meet specific business needs. 
5. Coordinate the implementation of new controls and create operational processes to continuously improve policies or configurations, reducing false positives and preventing disruptions. 
6. Analyze intrusion detection and vulnerability reports to assess the security posture concerning current operations and cybersecurity levels. 
7. Participate in containment and eradication activities during security and operational incident responses. 
8. Design and maintain continuous monitoring processes for security controls. 
9. Ensure timely patching and version updates of various security controls to prevent vulnerabilities and minimize business risks. 
10. Work effectively in a team-centered environment, maintain strong relationships with vendors, and be available to address arising issues. 
11. Maintain and improve the security architecture for cloud, data, end-user devices, perimeter networks, web applications, and mobile apps to ensure the integrity, availability, confidentiality, and authenticity of business information. 
12. Stay updated on the latest threats, techniques, and cybersecurity mitigation tactics. 
13. Provide periodic reports on the availability and effectiveness of security controls to senior management through monthly sessions. 
14. Coordinate a consistent remediation plan for findings from internal or external audits and assessments. 
15. Root Cause Analysis: Conduct root cause analysis for major incidents and implement corrective actions. 
16. Autonomous Work Culture: Actively create an autonomous work culture and collaborate in an agile and lean environment. 
17. Diversity and Inclusion: Promote a culture of diversity, equity, and inclusion within the IT support team. 

Required Knowledge and Experience 

1. Bachelor's degree in computer science, Information Technology, or a related field. 
2. 3 to 5 years of experience in managing security controls across various layers: data, end-user devices, cloud, infrastructure, perimeter networks, and web and mobile applications. 
3. Ability to act quickly and effectively in crisis response situations, minimizing negative impacts on business operations. 
4. Excellent prioritization, time management, and communication skills. 
5. Exceptional attention to detail and organizational skills. 
6. Familiarity with security frameworks and standards such as NIST, PCI, ISO 27001, CIS, CYSA, CISSP, or other certifications based on control management. 
7. Extensive experience in security and network architectures. 
8. English Proficiency: Intermediate to advance level 

Spin está comprometida con un lugar de trabajo diverso e inclusivo. 
Somos un empleador que ofrece igualdad de oportunidades y no discrimina por motivos de raza, origen nacional, género, identidad de género, orientación sexual, discapacidad, edad u otra condición legalmente protegida. 
Si desea solicitar una adaptación, notifique a su Reclutador.