Orbia Advance Corporation is a Purpose-led company with big aspirations. We are out to advance life around the world while maximizing value to our shareholders, customers and employees. The Company is passionate about the topics that define how people will live and thrive tomorrow: the future of cities, buildings, agriculture, and materials. Orbia Advance Corporation has five business groups which offer innovative solutions across multiple industries including building and infrastructure, data communications, chemicals and more. In 2018, Orbia Advance Corporation bought a majority stake in Israeli-based Netafim, the world's leader in drip irrigation, and is helping the world 'grow more with less' as it helps to solve food and water scarcity. Orbia Advance Corporation has operations in 41 countries with more than 22,000 employees.
We started as a producer of commodities and have evolved to become a provider of innovative solutions that address the global issues of rapid urbanization, water and food scarcity, and a growing and aging population. We're already a global leader in Polymers, Fluor, Building & Infrastructure, Datacom, and Precision Irrigation. We have embarked on a CEO-led transformation, as part of our journey to become a truly purpose-led, future fit company.
JOB IDENTIFICATION:
Company: Orbia - Global Functions
Job Title: Incident Response Analyst
Job Type: Full-Time
Reports To: Information Technology
Department: Corporate Orbia, Cyber Security Operations
Location: LATAM/APAC
MAIN RESPONSIBILITIES:
- Provide technical contribution for the cyber threat detection and incident response program within Orbia.
- Analyze security incidents identified by our external service providers and contextualize with Orbia-internal information. Validate whether the incident is a true/false positive and provide feedback to drive service provider improvement.
- Support system owners with incident ticket resolution, including leading investigations, containment actions, and response/remediation steps.
- Assist with development of common runbooks for most frequent or critical incident types.
- Analyze root cause of recurring incidents and recommend and implement strategies to prevent reoccurrence in the future.
- Work with service providers on tuning false positives so as to ensure most effective use of Orbia's resources.
- Interface with IT stakeholders in each of Orbia's business groups and at the corporate level and serve as an escalation point to drive incident response and remediation.
- Liaise when necessary with external incident response providers to perform digital forensics, malware analysis, and recovery operations.
- Validate security control coverage against new or emerging cyber threats. Contribute to engineering initiatives to operationalize cyber threat intelligence sources within Orbia's detection toolsuites.
- Collaborate with others within the cyber threat operations team, working closely with peers in vulnerability management, penetration testing and red/blue team exercises, and crisis command and resiliency.
- Consider and recommend new tools, processes, or strategies to enhance Orbia's incident management workflow and increase efficiencies.
KNOWLEDGE REQUIRED:
- Familiarity with relevant regulations, such as SOX, GDPR / data privacy, PCI-DSS, etc.
- Knowledge of relevant frameworks, including Cyber Kill Chain and MITRE ATT&CK
- Deep technical knowledge of security solutions and architecture principles and processes
- Knowledge of scripting/programming languages, such as Python and PowerShell
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Understanding of threat actor groups and tactics/techniques/procedures
- Excellent analytical and problem-solving skills
- Ability to build strong partnerships in a matrixed environment.
- Excellent verbal and written communication skills, including ability to translate complex technical subjects to non-technical audiences.
- Ability to learn, grow and take on expanded duties as business needs evolve
- Superb judgment and integrity, including excellent decision-making skills and a sense of urgency
EDUCATION & EXPERIENCE REQUIRED:
- 2+ years of experience in one or more of the following areas: Information Security, Security Operations, Digital Forensics/Incident Response, Cyber Threat Hunting, or Cyber Threat Intelligence
- Preferred: 2+ years of experience working directly in a Security Operations Center
- Knowledge/experience with common threat detection tools, such as SIEM, EDR, IDS/IPS, and firewalls in a large enterprise environment
- Knowledge/experience with other types of security operations tools, such as vulnerability scanners, PCAP tools, and malware sandbox/reverse engineering tools.
- Knowledge/experience with forensic investigations, malware analysis, and incident response.
- Technical experience with the incident management lifecycle and incident analysis techniques
- Experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, and application security
Our Global brands: Dura-Line, Koura Global, Vestolit, Netafim, Alphagary, Wavin.
They offer a broad range of value-added solutions and finished products that contribute to customers' success and ultimately improve the quality of life for people around the world. Along with its commitment to good citizenship, Orbia Advance Corporation delivers Total Value to customers, employees and investors worldwide, every day.