**Requirements**:
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
- Work collaboratively with other cybersecurity teams and business units.
- Drive the implementation of emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
- Implement standards and procedures to ensure alerts are addressed with relevancy, accuracy and in a timely manner.
- Define protocols and mature 'playbooks' for operational response to cyber threats.
- Operate autonomously to further investigate and escalate in accordance with policies, procedures, and defined processes.
- Provide teaching / mentoring to SOC level II and III Analysts.
- Lead SOC analysts during incident response actions, advise and coordinate with leadership during active incidents.
- Identify, evaluate, develop, and report SOC related metrics via dashboard and/or reports.
- Manage shift schedules and lead SOC personnel.
- Develop, lead and present relevant Cybersecurity tabletop exercises to SOC staff and relevant stakeholder groups for the purposes of identifying process improvement opportunities.
**Qualifications**
- Possess any of the following certifications: CISSP, CASP, CCSP, SSCP, SANS GIAC GMON, GCIH, GCIA, GCFA, GCFE, GREM.
- Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
- Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing large-scale incident response.
- Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs).
- Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
- Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.
- Associate degree in Information Technology, Cyber Security or Computer Science (preferred).
**Experience**
- 5 years of experience working within a Security Operations Center and using SIEM technologies (required).
- 2 years of experience leading and developing others (preferred).
- 7 years in the general Cybersecurity field (required).
**Skills and Abilities**
- Demonstrated ability to identify automation/orchestration opportunities and develop a plan to implement automation (advanced).
- Strong leadership, problem solving and critical thinking skills; ability to prioritize and execute autonomously (advanced).
- Ability to communicate effectively with all levels of staff, management, and business units, both verbally and in writing (advanced).
- Strong understanding of the latest security principles and protocols (advanced).
- Strong understanding of security operations technologies, including SIEM, endpoint tools and network-based logs (advanced).
- Knowledge of emerging technologies and tactics used within a SOC, and how they are applied to improve efficiency and effectiveness (advanced).
- Understanding of tactics, techniques and procedures associated with cyber threats, and the ability to develop relevant alerting, countermeasures, and threat hunting techniques (advanced).
- Scripting ability (PowerShell, Python) (intermediate).
**Benefits**
- Hybrid (2 days per week in the office at Ultra Park II, Lagunilla, Heredia)
- Private Medical Insurance
- Asociacion Solidarista
- Life Insurance
- Personal Day Off