Baker Hughes

Incident Response Analyst

MX-OTHER MEXICO Full time

Responsibilities, authorities and accountabilities

In this role, you will:

  • Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.
  • Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM)
  • Perform daily response operations on a schedule that may involve non-traditional working hours, and act as the escalation point for Event Triage Analysts
  • Mentor and train Event Triage Analysts as required.
  • The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler

Required Qualifications

  • Bachelor's Degree in Computer Science or a "STEM" major (Science, Technology, Engineering and Math), or in Political Science/Government/International Affairs, with a minimum of 4 years of professional experience.

Desired Characteristics

Technical Expertise:

  • Strong verbal and written communication skills
  • Detailed understanding of APT, Cyber Crime and other associated tactics
  • Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry
  • Knowledge of and/or working on Baker Hughes OT products
  • Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology
  • Experience with host-based detection and prevention suites (Microsoft Defender, OSSEC, YARA, MIR, Carbon Black, Tanium, etc.)
  • Experience with host-centric tools for forensic collection and analysis (Microsoft Defender, The Sleuth Kit, Volatility Framework, FTK, EnCase, etc.)
  • Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Zeek (formerly Bro-IDS), PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
  • Experience with malware analysis and reverse engineering (dynamic and static analysis)
  • Strong IT infrastructure background, including familiarity with the following:
      • Networking (TCP/IP, UDP, routing)
      • Application protocols (HTTP, SMTP, DNS, FTP, SSH, etc.)
      • Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
      • System/application vulnerabilities and exploitation
      • Operating systems (Windows, *nix and macOS)
      • Cloud technology (SaaS, IaaS, PaaS) and the associated digital forensics and incident response techniques
  • CISSP, CISM or related SANS/GIAC certifications preferred
  • Active US government security clearance
  • Working knowledge of secure communication methods, including SSH (Secure Shell), S/MIME and PGP/GPG