General information

Office (s)
Monterrey, NL
Date Published
Tuesday, January 11, 2022
Job ID
Information Technology

Description & Requirements

Analyst, IT Security

About Us: 

Epicor Software is a global technology leader dedicated to helping businesses drive growth for more than 45 years. Our modern, industry-specific software helps customers boost efficiency and productivity by simplifying and automating everyday processes. We have a stellar team of nearly 4,000 worldwide employees who are passionate about building exceptional products and solutions through teamwork, constant innovation, and integrity. We strive to hire and reward star players who inspire one another and drive results for the business and our customers. 

Role Summary/Purpose:

The Analyst, IT Security is assigned to the Security Operations Team and is responsible for preventing, identifying, and responding to security incidents which impact both Epicor corporate and customer environments. Analyze event data for patterns of malicious or unwanted activities in the enterprise. Maintain knowledge on the latest intelligence and attack methodologies to take corrective actions during security incidents. Works with management and other personnel, as needed, to identify security needs.

What You’ll Do: 

  • Proactively protect the integrity, confidentiality, and availability of information stored & processed by and/or in the custody of Epicor Software.
  • Monitor, analyze, and react to security alerts, incidents, vulnerability reports from multiple sources (event logging, vulnerability scans, security alerts)
  • Review and triage vulnerability findings into manageable reports, provide relevant analysis, suggest mitigations, track remediation, manage scheduled scans, identify gaps and expand scan coverage, and escalate as appropriate.
  • Assist Tier 1 and Tier 2 support groups with diagnosing and triaging potential information security incidents, troubleshoot issues related to security controls.
  • Participate in the planning and execution of Incident Response activities.
  • Help to educate IT staff and end users regarding information security best practices and organizational policy.
  • Participate in the development and delivery of IT security standards, processes and playbooks.
  • Keep abreast of emerging security threats, attack vectors, industry trends, technologies, products and services.
  • Develop and document technical security standards to comply with policies and best practices.
  • Conduct technical evaluations of IT systems for compliance with security policies, standards, and best practices.
  • Support other department initiatives and deliverables as needed.

What You Need to Succeed: 

  • BS or BA degree (preferably in a technology related field) or any combination of equivalent education, experience, and formal training that allows the candidate to meet the requirements of the job.
  • Security-related certifications strongly desired, but not required. (Security+, CEH, OSCP, GIAC GSEC, CISSP, etc)
  • 4 or more years of information technology experience, at least 2 of them in a relevant information security and/or risk management field.
  • In depth knowledge of the IT security industry & best practices. Broad knowledge of the IT industry.
  • Strong organizational and teamwork skills.
  • Prior information security engineering experience in as many of the following areas as possible:
    • Operating system and platform security (Microsoft Windows and Linux).
    • Network security (LAN, WAN, MPLS, VPN).
    • Storage Area Network (SAN) security
    • Application & System security.
    • Cloud, virtual and Software-Defined Network (SDN) security.
    • Network, application and next-generation firewalls.
    • Intrusion detection & prevention systems.
    • Unified threat management systems.
    • Digital Loss Prevention (DLP) systems.
    • Secure Web Gateway systems.
    • Wireless & mobile device security.
    • Anti-virus and anti-malware/EDR systems.
    • Log-monitoring and event management systems.
    • Security scanning and vulnerability detection tools.
    • Identity & access management systems.
    • Directory services (Microsoft Active Directory, LDAP, etc.)

Why you should click “Apply”: 

This is an amazing opportunity for a IT Security Analyst to join one of the top tech functions in our space, as we seek to push the boundaries of conventional ERP solutions with developments such as AI & IOT across the Microsoft stack and Azure cloud platform.