We’re looking for a Security Engineer to join and help grow our team. Our Security Operations team is tasked with monitoring and protecting the company from an ever-growing number of security risks, as well as finding new and creative ways to do so. Having a strong focus on engineering and innovation, we are seeking individuals who love to find new problems and hate fixing the same problem twice.
Location: Mexico
Responsibilities:
- Work closely with the cybersecurity organization to build monitoring and response tooling and processes to enhance our capabilities.
- Logging: Ensure all security-relevant cloud, infrastructure, and application logs are parsed and integrated into our SIEM.
- Detection:
  - Establish detection and prevention rules and policies.
  - Perform Proof of Concept (POC) and deploy detection tools.
  - Tune and audit rules and policies based on true and false positives.
  - Develop detection frameworks, threat intel programs, and ATO detection systems.
- Response:
  - Develop incident response plans and procedures.
  - Create playbooks, automate responses, and develop malware analysis and forensic tools.
  - Collaborate with customer service and engineering teams.
- Monitoring and Analysis:
  - Build security alerts and dashboards.
  - Monitor for suspicious activities across cloud, infrastructure, and applications from various sources.
  - Analyze alerts, perform malware analysis and forensics.
  - Respond to security incidents and take remediation actions.
Requirements:
- 5+ years in cybersecurity operations.
- Deep understanding of threat landscape, security trends, attack vectors, and detection/response tooling.
- Experience with SOAR/SIEM technologies.
- Incident detection and remediation expertise.
- Knowledge of threat vectors, vulnerabilities, and anomaly detection.
- Proficiency with Linux and/or Windows logs and indicators.
- Scripting skills in Python or PowerShell.
- Hands-on experience with SIEM, EDR, and Firewall tools.
- Excellent communication skills, especially translating security risks to non-technical stakeholders.
- Familiarity with NIST, MITRE ATT&CK, and OWASP Top 10 frameworks.