SOC Analyst - Mexico (Remote)

About us: At Echelon Risk + Cyber, we believe in defending basic human rights to security and privacy. We seek a highly skilled and experienced SOC Analyst, Consultant to join our dynamic team at Echelon Risk + Cyber, a leading cybersecurity consulting firm. Our next team member will be ready to roll up their sleeves and identify opportunities for our clients and for Echelon internally with unquestioned integrity. This team member will be passionate about cybersecurity and ready to use their knowledge to be an Entrepreneurial Problem Solver and work alongside their Echelon team members to build creative solutions.

As SOC Analyst, Consultant you will create and maintain the safest operating environment for Echelon's employees and clients. You will defend network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect sensitive data (e.g., passwords and customer information). You will monitor our systems for attacks and intrusions and work to proactively identify flaws and vulnerabilities.

At Echelon, you will have the opportunity to engage with clients, business partners and systems that are at the cutting edge of technology. We allow our employees to build from the ground up and make an impact across the organization. We look for driven and proactive people that are eager to contribute to a distinct and thriving Cybersecurity services organization, that can adapt to a rapid and changing environment.

This is a remote position from anywhere in Mexico.

What You Will Do:

• Lead the analysis of escalated incidents, assess attack scope, identify affected systems, and develop containment, eradication, and recovery plans.
• Leverage threat intelligence feeds and IoC databases to enhance incident response and analyze adversary tactics to improve detection and prevention.

• Act as the escalation point for confirmed incidents, collaborating with internal teams and interfacing with external stakeholders for effective resolution.
• Use and maintain expertise in SIEM, EDR/XDR, and SOAR platforms for advanced threat detection, while optimizing tools and tuning detection rules.
• Document the entire incident lifecycle, including root cause analysis and actions taken, and produce detailed reports with recommendations for security improvements.
• Take ownership of complex incidents, ensuring timely resolution and effective communication with stakeholders.
• Work closely with IT, security, and SOC engineering teams to ensure coordinated and efficient responses to incidents.
• Review and refine response processes and detection mechanisms, contributing to continuous improvement and strengthening the organization's security posture.
• Support the growth and development of a Managed SOC/MDR service and team (e.g., create Standard Operating Procedures, system/platform configuration and tuning, team training).
• Participate in after-hours/on-call shifts for SOC alert escalation and response requirements.

Your knowledge, skills, and abilities:

• Bachelor's degree in information technology, Computer Science, Cybersecurity, or a related discipline, or equivalent professional experience.

• Expertise in investigating and mitigating security incidents across diverse environments, including on-premises, cloud, and hybrid infrastructures.
• An experienced (Level 2 or 3) Analyst, looking to develop and grow a SOC service and team.
• Strong understanding of threat intelligence integration, adversary TTPs, and the MITRE ATT&CK framework.
• Desired Certifications: CompTIA Security+ and Cybersecurity Analyst (CySA+), ISC2 CC and SSCP, EC-Council Certified Incident Handler (ECIH), GIAC Certified Incident Handler (GCIH), and SIEM/EDR certifications (e.g., Splunk, Chronicle, CrowdStrike, SentinelOne) are a plus.
• Advanced English (C1).
• Authorized to work in Mexico.

• Only Resumes in English will be considered

Preferred Qualifications:

• 3–5 years of hands-on experience in SOC operations, preferably for a SOC or MDR service provider (e.g., MSSP).
• Proficiency with SOC technologies, including SIEM (e.g., Chronicle, Splunk, IBM QRadar), EDR/XDR (e.g., Trellix, CrowdStrike, SentinelOne, BlackPoint), and SOAR platforms (e.g., Chronicle, FortiSOAR, Splunk SOAR).
• Experience responding to alerts related to Microsoft Office 365, Identities (Entra ID, Active Directory), Cloud (AWS, Azure), Firewalls, Endpoint security, Email security, Web security (IP, DNS Filtering).

Why Echelon?

We are committed to creating an inclusive environment for our team with unquestioned integrity. If you have a special need that requires accommodation, please let your recruiter know. One of our core values in "People with Personality" and we want to allow you the space to bring your full self to work.

We currently offer the following benefits:

• Access to private medical insurance through MetLife.

• Life insurance policy via Sura Seguros.

• 30-day Christmas bonus and a monthly technology stipend.

• Contribution of 8% of the employee's salary to a savings fund.

• Flexible vacation policy that allows you to manage your schedule and rest and recharge when you need to.

• Family-friendly benefits, including 16 weeks off for maternity leave, 8 weeks off for non-birthing parent leave, and employer-paid short-term and long-term disability.
• Support for individual development through certifications, continued learning, conferences, and more.

We value a diverse workforce and a culture of inclusivity and belonging. All employment decisions shall be made without regard to age, race, creed, color, religion, gender, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Echelon Risk + Cyber is an Equal Opportunity Employer