• Operate and manage the Darktrace Network Detection and Response (NDR) solution dedicated to a Teltec client. • Perform continuous monitoring of alerts and detections generated by the platform, conducting initial analysis and enrichment of identified events. • Investigate suspicious activities and potential threats identified in network traffic using the analytical capabilities of the NDR solution. • Manage and optimize policies, detection rules, exceptions, and tool configurations to ensure maximum operational effectiveness. • Support security incident response processes by providing technical evidence, context, and recommendations for containment and remediation. • Continuously tune the platform to reduce false positives and improve detection quality. • Develop and maintain technical documentation, operational procedures, and playbooks related to the tool’s operation. • Prepare technical and executive reports including indicators, trends, identified threats, and recommendations for improving the monitored environment. • Serve as the technical focal point for the client on NDR-related matters, leading operational and technical alignment meetings. • Support continuous improvement initiatives by proposing new detections, use cases, and monitoring strategies to increase visibility and security maturity. • Collaborate with SOC, MDR, Network, and Infrastructure teams to investigate, validate, and handle security events identified by the platform.

Role Description Ingeniero de sistemas o áreas afines, quien brindará soporte a cliente específicos, apoyando a la revisión y modificación de reglas de monitoreo, atendiendo y presentando reportería a nuestros clientes. - Investigar eventos e incidentes reportados por el equipo SOC para recopilar evidencia, profundizar y analizar de manera integral y consistente las alertas de seguridad para ser reportadas al cliente. - Identificar los falsos positivos comunes y hacer sugerencias para el afinamiento de las plataformas de detección con el objetivo de reducir la fatiga por alertas. - Realizar afinamiento de reglas de detección y construcción de casos de uso para la detección de amenazas y comportamientos maliciosos en las plataformas de detección del SOC. Qualifications - 1 año como SOC Specialist en nivel Junior o experiencia equivalente al puesto. - Ingeniero de sistemas o áreas afines. Requirements - CSAL - Certification SOC Analyst Level 1 - IC - Introduction to Cybersecurity - ICF - IT and Cybersecurity Foundations - Security+, deseables u otros que puedan tener. - Ingles intermedio.

• Investigate advanced and persistent attacks using data analysis and data science tools • Analyze customers' web traffic to detect unidentified threats and reduce false positives using Elasticsearch and BigQuery • Research, design, and continuously enhance detection mechanisms to stay ahead of evolving threats • Provide real-time technical support to global customers, delivering professional and timely incident responses • Produce clear, insightful incident reports • Collaborate cross-functionally with R&D and Research teams to optimize the company's detection and mitigation capabilities • Design, plan, and implement internal automation projects to improve team efficiency • Work in a shift-based schedule, including weekends

• Participate in day-to-day execution and continuous improvement of Epic application access provisioning and deprovisioning • Own and execute work in a ServiceNow queue, consistently handling high-volume tickets for access changes, troubleshooting, and triage • Serve as an escalation point for assigned Epic access design/build and access issues • Assist in maintaining an Epic access catalog and keep it current as workflows evolve • Support access reviews/attestations for high-risk roles and privileged access • Help shape the application authorization layer that makes IGA automation successful