FICO

Lead Cyber Security Engineer

full-time

Origin: 🇲🇽 Mexico

Job Level

Senior

Tech Stack

AWS, Cloud, Cyber Security, Splunk

About the role

  • Investigate intrusion events and incidents and design detections that alert on them, using SIEM, SOAR, file analysis, endpoint logs and similar sources across cloud and on-premises environments.
  • Coordinate with external teams to stand up security automation and robust detections as a priority.
  • Research, evaluate and document emerging cyber security threats and implement ways to detect them using state-of-the-art security tools.
  • Develop use cases for potential attacks, intrusions and unusual or unauthorized activity arising from internal and external threats.
  • Test and evaluate use cases and fine-tune them alongside multiple FICO monitoring teams, using analytical tools to identify emerging threat patterns and vulnerabilities.
  • Liaise with stakeholders on cyber security issues and provide recommendations and actionable plans.
  • Support incident response teams in turning lessons learned into new use cases so that identified security gaps are covered.
  • Collaborate with multiple teams to create modernized playbooks that apply recent technologies such as ML, deep learning, AI and LLMs.

Requirements

  • 5+ years of verifiable experience on projects spanning multiple security domains.
  • Experience as a user or administrator of a SIEM, creating and developing security rules and use cases.
  • Experience as a user or administrator of a SOAR platform, creating and developing playbooks for automated actions and response.
  • Working knowledge of scripting and/or programming, including developing interfaces and functions that integrate multiple security solutions.
  • Experience in cloud and hybrid enterprise environments, including the ability to navigate and build the infrastructure needed to support use cases or automated security controls.
  • Experience creating detections that satisfy and cover relevant enterprise security frameworks such as MITRE, NIST, SANS, ISO 27001, CIS, SOC 2 and PCI.
  • Experience using enterprise and open-source intelligence tools to add insight to detections and security automations.
  • Basic knowledge of statistical and big-data algorithms.
  • Desired certifications: CASP+/Security+, GSEC/SSCP, Google or AWS Cloud Engineer or Associate, SOAR certification or experience, SIEM (Splunk, Wazuh, ELK, LogRhythm, etc.).