Security Operations Center Engineer
Buscojobs México - Veracruz, Veracruz
Job description
We're looking for a Security Engineer to join and help grow our team. Our Security Operations team is tasked with monitoring and protecting the company from an ever-growing number of security risks, as well as finding new and creative ways to do so. With a strong focus on engineering and innovation, we are seeking individuals who love to find new problems and hate fixing the same problem twice.

Location: Mexico

Responsibilities:
- Work closely with the cybersecurity organization to build monitoring and response tooling and processes that enhance our capabilities.
- Logging: Ensure all security-relevant cloud, infrastructure, and application logs are parsed and integrated into our SIEM.
- Detection: Establish detection and prevention rules and policies. Perform proofs of concept (POCs) and deploy detection tools. Tune and audit rules and policies based on true and false positives. Develop detection frameworks, threat intel programs, and ATO (account takeover) detection systems.
- Response: Develop incident response plans and procedures. Create playbooks, automate responses, and develop malware analysis and forensic tools. Collaborate with customer service and engineering teams.
- Monitoring and Analysis: Build security alerts and dashboards. Monitor for suspicious activity across cloud, infrastructure, and applications from various sources. Analyze alerts, perform malware analysis and forensics. Respond to security incidents and take remediation actions.

Requirements:
- 5+ years in cybersecurity operations.
- Deep understanding of the threat landscape, security trends, attack vectors, and detection/response tooling.
- Experience with SOAR/SIEM technologies.
- Incident detection and remediation expertise.
- Knowledge of threat vectors, vulnerabilities, and anomaly detection.
- Proficiency with Linux and/or Windows logs and indicators.
- Scripting skills in Python or PowerShell.
- Hands-on experience with SIEM, EDR, and firewall tools.
- Excellent communication skills, especially translating security risks for non-technical stakeholders.
- Familiarity with the NIST, MITRE ATT&CK, and OWASP Top 10 frameworks.
Created: Thu, 01 Jan 1970