Senior Specialist, Cybersecurity Incident Handler

About KTSA We are KTSA – KPMG Technology Services Americas. A Service Delivery Center of KPMG US, with offices in Mexico City, Guadalajara, and a growing network of remote talent across the country. We deliver high-value technology, consulting, and corporate support services to KPMG US and its clients. At KTSA, our Employer Value Proposition is clear: Explore. Explore isn't just a word — it's how we grow, lead, and thrive. It's the mindset that drives our culture and shapes every opportunity: Experience a collaborative, inclusive, and multicultural workplace where you belong. Excel by creating impact and leaving your mark on global projects. Expand your potential with real career paths, learning programs, and mentorship. Express your individuality — come as you are, and thrive as your authentic self. And because we know that thriving at work also means thriving in life, we back this mindset with KTSAMÁS, our total rewards program, designed to support your well-being, goals, and personal milestones. RESPONSIBILITIES AND QUALIFICATIONS: Key Responsibilities: Utilize your expertise in IT security, security operations, and incident response to build, operate, and enhance our extended security orchestration and automation (XSOAR) tool, ensuring swift and effective handling of incidents and ongoing protection of organizational assets. Handle and coordinate tasks such as incident management, threat hunting, forensic analysis, and remediation efforts to mitigate threats. Conduct regular assessments to identify vulnerabilities and insecure configurations and review security change requests to ensure robust protective measures. Configure and monitor security tools, including alerts, correlation rules, and reporting mechanisms. Implement automation and orchestration to improve the efficiency and effectiveness of security monitoring and response processes, aiming for a unified "single pane of glass" solution. Leverage intelligence to apply threat monitoring and vulnerability detection to evaluate and respond effectively to events and developing risk severity level and mitigation approaches. Qualifications: Bachelor's degree with 2-5 years of experience in cybersecurity operations with experience implementing processes and playbooks in cybersecurity monitoring and incident response activities using XSOAR products. Experience with scripting or automation with python, and ServiceNow is a plus. Ability to participate in development of resource plans and project estimation. Preferred Qualifications: Relevant certifications include CISSP, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900 Working hours: Sunday - Wednesday or Wednesday to Saturday 7:00am to 5:00pm or 1pm to 11:00pm Expand your possibilities with KTSA through KTSAMÁS, where you can access: Extended maternity, paternity, and adoption leaves Above-market vacation benefits Learning opportunities, training, and certification programs Extended marriage leave and daycare support Wellness and Employee Assistance Programs (EAP) Comprehensive medical plan, life insurance, car insurance, and funeral assistance Visit to learn more. At KTSA, we celebrate and support everyone's individuality. We do not discriminate against any race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, or disability. We are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss specific requirements and our range of flexible working arrangements could be of interest. Please ask to find out more. We strongly state that we DO NOT require a certificate of non-pregnancy or HIV in order to participate in any of our processes. Explore KTSA, we dare to be different Home - KTSA KTSA - KPMG Technology Services of Americas