***El Comeback is a non-profit program from ConPRmetidos that attracts and retains professional talent for Puerto Rico-based jobs. Register at elcomebackpr.org/registration-form to get matched with professional opportunities on the island. Candidates' searches for positions posted by El Comeback are done on behalf of companies that we support in their search for candidates.***

Evertec, a leading technology and transaction processing company with a presence in more than 11 countries and serving clients in 26 countries across Latin America and the Caribbean. Our main solutions include payment acquisition for digital commerce, transaction processing, and technological solutions for businesses.

The Cybersecurity Risk & Incident Response Specialist is responsible for the information security analysis, incident monitoring, and response, as well as maintenance and configuration of information security tools.

Responsibilities: 

• Works with the latest technologies to detect, analyze, and limit intrusions and security events. 
• Helps assess each potential threat and determine if current systems are vulnerable to that threat. 
• Monitor network activity, help implement and manage security controls and protocols, and research emerging threats to help determine the best response to them. 
• Assist and participate in the overall data protection and information security risk management program. 
• Analyze and document each alert received to identify the existence of any intrusion that merits the notification of a security incident. 
• Escalate to the Manager any identification related to any vulnerability that may put the business operations at risk. 
• Verification of the daily compliance of the analysis performed to the monitoring alerts, where every day the respective evaluation of each of the alerts provided by the monitoring tools is recorded in the logs based on the collaboration provided to the Security Analyst. 
• Performs a quarterly survey of unauthorized Software on all company computers and issues a report of the work performed. 
• Supports any inquiries related to the installation of unregistered software by analyzing its vulnerabilities and risks. 
• Execute all key controls including but not limited to SOX controls for the role according to assigned roles within established procedures and approved delegation of authority. 
• Oversee compliance with generally accepted accounting principles and company procedures. Report any exceptions to established internal controls and document any violations of procedures following required command channels.

Education and Experience:

• Bachelor's Degree in Computer Science, Computer Engineering, Systems Information, or related. 
• Previous proven experience in cyber incident response needs. 
• Experience using tools such as intrusion detection systems (IDS), security information and event management (SIEM) systems, antivirus software, forensic tools, and advanced networking knowledge. 
• Certifications for incident response such as Certified Incident Handler (GCIH), Certified Computer Forensics Examiner (CCFE), Certified Forensic Analyst (GCFA), and Certified Information Systems Security Professional (CISSP), which are strongly preferred. 
• Practical experience in responding to security incidents. This could involve previous roles in incident response teams, security operations centers (SOCs), or similar positions where handling security incidents was part of the job.

Knowledge and Skills:

• Strong understanding of computer networks, operating systems, and cybersecurity tools. 
• A solid understanding of cybersecurity principles, practices, and frameworks is essential. This includes knowledge of common cyber threats, attack vectors, malware analysis, and security best practices. 
• Familiarity with digital forensics techniques and tools is often required. Incident responders may need to collect and analyze evidence from compromised systems to understand the scope and impact of an incident.
• Strong communication skills are crucial for incident responders. The ability to communicate effectively with team members, management, and other stakeholders during an incident to coordinate response efforts and provide updates on the situation. 
• Incident responders must be able to think critically and solve problems quickly under pressure. 
• Continuous Learner: The cybersecurity landscape is constantly evolving, so a willingness to stay updated on the latest threats, tools, and techniques is essential for success in incident response roles. 
• Strong skills in analysis, consulting, and solution building. They excel in identifying and utilizing relevant resources, conducting comprehensive research, and synthesizing information to produce meaningful results. 
• High attention to detail, they apply deductive and inductive reasoning to address specific problems and offer accurate recommendations to clients.
• Demonstrate creativity and assertiveness in identifying areas for improvement and providing innovative solutions. The ability to question, influence, and adapt ensures effective communication and negotiation with various stakeholders.
• Business writing and documentation, maintain professionalism by adhering to internal procedures and guidelines, presenting information clearly and concisely, and adapting their writing style for different audiences. 
• Effective communication skills extend to both oral and written forms in English and Spanish, enabling clear and comprehensive exchanges with internal and external stakeholders. 
• Strategic planning and change management are areas of expertise, with the ability to develop objectives aligned with organizational vision, anticipate obstacles, and facilitate strategic clarity. 
• Change Champion by demonstrating flexibility, adaptability, and clear communication, establishing plans to implement and manage changes within the organization. 
• Time and project management, organizing tasks, complying with meeting deadlines, and effectively allocating resources to accomplish objectives. #LI-DNI