hero

Companies you'd love to work for

27
companies
118
Jobs

Security Monitoring Specialist

Kueski

Kueski

Mexico
Posted on Friday, December 1, 2023
About Kueski
At Kueski, we're dedicated to improving the financial lives of people in Mexico. Since 2012, we've been the leading buy now, pay later (BNPL) and online consumer credit platform in Latin America, known for our innovative financial services. Our flagship product, Kueski Pay, provides seamless payment solutions for both online and in-store transactions, establishing itself as the preferred option for a quarter of Mexico's top e-commerce merchants. Notably, we were the first to introduce BNPL on Amazon Mexico.
We're a tech company with a culture geared toward innovation, collaboration, and impact, fostering a strong, diverse, and inclusive company culture. In 2023, Kueski was recognized as the top BNPL platform by Fintech Breakthrough and earned the title of one of Mexico's most ethical companies from AMITAI. Additionally, we ranked as one of the Best Companies for Female Talent by EFY.
Purpose
The Security Monitoring Associate is part of the Information Security team and is responsible for ensuring that all security incidents are handled appropriately and in a timely fashion, in accordance with the existing process and guidelines. This individual is also responsible for ensuring the correct performance and relationship with the SOC/SIEM provider, to ensure they are operating optimally, but also improving their searches as well as building the adequate threat intelligence and threat hunting.

Key Responsabilities

  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
  • Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
  • Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings)
  • Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave
  • Provides cybersecurity recommendations based on significant threats and vulnerabilities
  • Work with stakeholders to resolve computer security incidents and vulnerability compliance
  • Identify threat tactics, and methodologies
  • Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities.

Position Requierements

  • +2 years of relevant experience in incident handling, preferably as part of a SOC (Security Operations Center)
  • Experience handling sensitive information
  • Experience with SIEM and correlation of events
  • Advanced English level
  • Preferably knowledge of YARA rules and YAML
  • Knowledge of incident response and handling methodologies
  • Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions
  • Knowledge of cyber defense and vulnerability assessment tools and their capabilities
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)
  • Knowledge of network traffic analysis methods
  • Knowledge of Insider Threat investigations, reporting, investigative tools, and laws/regulations
  • Knowledge of adversarial tactics, techniques, and procedures

You’ll love working at Kueski because

  • We have a mission-driven culture focused on customer value, teamwork, humility, and integrity.
  • Everyone is expected to have role clarity, career growth, and a personal development plan. Feedback and recognition is embedded in our company processes, systems, and practices.
  • We ensure competitive salary, medical insurance, and wellbeing through ample and flexible time off as well as mental healthcare benefits. Everyone is an owner and eligible for competitive stock options with a company poised for success.
  • We´re committed to building an inclusive and diverse team and we know this leads to incredible work.
Kueski: Where talent excellence improves Mexican lives
#LifeAtKueski #KueskiTalent