Watch Jobs
浏览职位数据统计洞察报告招聘观察探索企业购买与订阅
我的收藏免费试用登录注册

Watch Jobs

我们专注于实时追踪各企业最新职位动态,帮助您节省求职时间,快速找到理想工作机会。

探索

  • 浏览职位
  • 数据统计
  • 洞察报告
  • 数据方法论
  • 探索企业

订阅

  • 免费试用
  • 价格方案
  • FAQ
  • 隐私政策

关注我们

微信公众号小红书淘宝店铺

© 2026 Watch Jobs. 保留所有权利

Created by jianglicat - 讲礼猫
Watch Jobs
浏览职位招聘观察购买与订阅
Baker Hughes logo
贝克休斯
Incident Response Analyst LATAM
立即应聘

Incident Response Analyst LATAM

发布于 6 个月前

普通员工/个人贡献者

Mexico City, Ciudad de Mexico, Mexico
中级经验
全职员工
远程工作
本科
系统与安全工程
Apt
CISM
CISSP
Cyber Crime
Industrial Control Systems (Ics)
Network Security Monitoring (Nsm)
SIEM

AI 估算 · 35k–55k

该职位要求4年以上网络安全事件响应经验,涉及APT、恶意软件分析等高阶技能,且为跨国企业远程岗位,市场竞争力强,薪资水平较高。

职位详情

关于这个职位

作为事件响应分析师,您将负责领导数字安全事件的检测与响应的技术方面,专注于处理高度非结构化的安全事件和高风险事件

您需要运用网络分析、主机分析、恶意软件分析或日志分析等专业技能,在可能涉及非传统工作时间的排班下执行日常响应操作,并作为事件分类分析师的升级支持点

最低要求

拥有计算机科学或STEM专业(科学、技术、工程和数学)的学士学位

在STEM相关领域拥有至少4年的专业经验
具备口头和书面沟通能力、外交手腕和决策能力,以应对事件处理者通常快节奏的角色
对APT、网络犯罪及其他相关战术有详细的理解
通过培训、工作经验和/或行业经验,展现出对公认的IT和OT安全相关标准及技术的理解和兴趣
拥有网络安全、运营安全、产品安全、工业控制系统(ICS)、信息保障和信息技术方面的专业经验
具备基于主机的检测和防护套件(如Microsoft Defender, OSSEC, Yara, MIR, CarbonBlack, Tanium等)的使用经验
具备用于取证收集和分析的主机中心工具(如Microsoft Defender, SleuthKit, Volatility Framework, FTK, Encase等)的使用经验
具备网络取证和/或网络安全监控(NSM)工具(如Snort, Bro-IDS, PCAP, tcpdump等)和分析技术(警报、流/会话和PCAP分析)的经验
具备恶意软件和逆向工程(动态和静态分析)的经验
拥有IT基础设施背景,熟悉以下内容:
网络(TCP/IP, UDP, 路由)
应用(HTTP, SMTP, DNS, FTP, SSH等)
加密(DES, AES, RSA)和哈希算法(MD5, SHA-1等)
系统/应用漏洞和利用
操作系统(Windows, *Nix, 和 Mac)
云技术(SaaS, IaaS, PaaS)及相关的数字取证和事件响应技术

工作职责

领导数字安全事件检测和响应的技术方面,专注于非常非结构化的事件和高风险事件

专攻网络中心分析(NSM)、主机中心分析(实时响应、数字取证)、恶意软件分析和/或日志中心分析(SIEM)
执行日常响应操作,工作时间表可能涉及非传统工作时间
作为事件分类分析师的升级支持点
根据需要指导和培训事件分析师

优先资格

拥有CISSP、CISM或相关SANS认证者优先

拥有有效的美国政府安全许可者优先
具备安全通信方法(包括Secure Shell, S/MIME和PGP/GPG)的工作知识者优先

AI 洞察

优缺点分析

优点

  • Work for a leading global energy technology company with a strong commitment to innovation and net-zero goals, offering stability and industry impact.
  • Gain hands-on experience with high-stakes incident response in both IT and OT environments, a valuable and specialized skill set.
  • Enjoy a remote work arrangement with contemporary work-life balance policies and comprehensive benefits, including private medical care.
  • Opportunity to work on cutting-edge security challenges in a critical industry, contributing to making energy safer and more efficient.
  • The role involves handling high-risk, unstructured incidents, which can be stressful and require constant vigilance and quick decision-making.
  • Non-traditional working hours may be required to ensure 24/7 security coverage, potentially impacting work-life balance.
  • The technical bar is high, requiring continuous learning to keep up with evolving threats like APTs and new attack techniques.
  • This role is ideal for mid-level cybersecurity professionals with strong technical foundations in incident response and forensics, who thrive in fast-paced environments and are passionate about protecting critical infrastructure.

缺点 / 挑战

暂无明显挑战项

角色解读

  • Technical Path: Advance to senior or principal incident responder, threat hunter, or malware researcher, focusing on deeper technical specialization.
  • Management Path: Progress to team lead or manager of a Security Operations Center (SOC) or incident response team.
  • Broader Security Roles: Transition into security architecture, threat intelligence, or security consulting roles within the energy or broader industrial sector.
  • Lead the technical detection and response to complex, unstructured cybersecurity incidents, particularly high-risk events.
  • Perform daily analysis using specialized skills in network monitoring, host forensics, malware analysis, and log review.
  • Act as an escalation point for triage analysts and provide mentorship to junior team members.
  • Operate on a schedule that may include non-traditional hours to ensure continuous security coverage.
  • Deep technical expertise in cybersecurity tools and methodologies, including NSM, host forensics (e.g., Volatility, FTK), and malware reverse engineering.
  • Strong understanding of IT and OT infrastructure, networking protocols, encryption, and common attack vectors like APTs.
  • Excellent communication and decision-making skills to handle fast-paced incident response scenarios and mentor others.
  • Professional experience (4+ years) in cybersecurity domains such as operations, product security, and industrial control systems.

申请策略

  • Research Baker Hughes's specific energy technology solutions and their security challenges to tailor your application and show genuine interest.
  • In your cover letter or interviews, demonstrate how your skills align with protecting critical infrastructure and supporting the company's net-zero mission.
  • Clearly detail your 4+ years of professional experience in cybersecurity, specifically highlighting incident response, forensics, and malware analysis projects.
  • Emphasize hands-on experience with the tools mentioned (e.g., SIEM, Volatility, Snort, reverse engineering tools) and describe specific incidents you've handled.
  • Showcase any experience with Industrial Control Systems (ICS) or OT security, as this is a key differentiator for Baker Hughes.
  • Include relevant certifications (CISSP, CISM, SANS) and highlight strong communication and mentorship experiences.
  • If lacking, gain practical experience with OT/ICS security concepts through online courses, labs, or contributing to open-source projects related to industrial security.
  • Brush up on advanced malware analysis techniques (static & dynamic) and network forensics using tools like Wireshark for PCAP analysis.

面试指南

  • Use the STAR method (Situation, Task, Action, Result) to structure your answers, providing concrete examples from past experience.
  • For technical questions, explain not just the 'what' (the tool used) but the 'why' (your analytical reasoning) behind your actions.
  • Emphasize teamwork, communication, and adherence to processes, as these are crucial for incident response coordination.
  • 'Walk us through your process for investigating a potential APT incident from initial alert to containment.'
  • 'Describe a time you had to analyze a complex piece of malware. What tools and techniques did you use?'
  • 'How do you prioritize and triage multiple security alerts in a high-pressure environment?'
  • 'Explain the differences and challenges in securing IT versus OT (ICS) networks.'
  • 'Describe a situation where you had to mentor a junior analyst or communicate a technical finding to a non-technical stakeholder.'

职位点评

Watch Jobs
Watch Jobs

聚合公开职位信息,帮助你看清岗位细节与市场趋势。

探索

  • 浏览职位
  • 探索企业
  • 数据统计
  • 洞察报告
  • 招聘观察

产品

  • 免费试用
  • 价格方案
  • 数据方法论

支持

  • 常见问题
  • 隐私政策

© 2026 WatchJobs. 保留所有权利。

隐私政策

贝克休斯 的其他在招职位

  • Intern Supply Chain - China

    贝克休斯 · 上海市
    AI 估算 · 4k-8k
  • Supply Chain Intern

    贝克休斯 · 上海市
    AI 估算 · 4k-6k
  • Emerging Talent- Intern Sales

    贝克休斯 · 北京市
    AI 估算 · 4k-6k
  • Assembly Operator

    贝克休斯 · 苏州市
    AI 估算 · 6k-9k
  • Emerging Talent - Sales Intern 2026 Opportunities (China)

    贝克休斯 · 北京市
    AI 估算 · 4k-6k

相似职位推荐

  • 性能优化工程师(系统方向)

    vivo · 杭州市
    AI 估算 · 20k-35k
  • Principal Field Application Engineer - Automotive AMCU

    恩智浦半导体 · 上海市
    AI 估算 · 30k-50k
  • Cybersecurity Analyst

    联想 · 香港特别行政区
    AI 估算 · 25k-45k
  • 性能优化工程师(上层调度方向)

    vivo · 南京市
    AI 估算 · 25k-45k
  • 车计算信息安全工程师

    联想 · 上海市
    AI 估算 · 20k-35k

贝克休斯 的其他在招职位

  • Intern Supply Chain - China

    贝克休斯 · 上海市
    AI 估算 · 4k-8k
  • Supply Chain Intern

    贝克休斯 · 上海市
    AI 估算 · 4k-6k
  • Emerging Talent- Intern Sales

    贝克休斯 · 北京市
    AI 估算 · 4k-6k
  • Assembly Operator

    贝克休斯 · 苏州市
    AI 估算 · 6k-9k
  • Emerging Talent - Sales Intern 2026 Opportunities (China)

    贝克休斯 · 北京市
    AI 估算 · 4k-6k

相似职位推荐

  • 性能优化工程师(系统方向)

    vivo · 杭州市
    AI 估算 · 20k-35k
  • Principal Field Application Engineer - Automotive AMCU

    恩智浦半导体 · 上海市
    AI 估算 · 30k-50k
  • Cybersecurity Analyst

    联想 · 香港特别行政区
    AI 估算 · 25k-45k
  • 性能优化工程师(上层调度方向)

    vivo · 南京市
    AI 估算 · 25k-45k
  • 车计算信息安全工程师

    联想 · 上海市
    AI 估算 · 20k-35k