IT Security Analyst

Overview General Information Country: MexicoState: Nuevo LeónCity: San Pedro Garza GarciaOffice Location: 2225 Av. Lazaro Cardenas 5th Floor Date posted: 22-Jan-2026 Business Function: Information Technology Position Type: Full-Time/Regular Description: We are hiring an IT Security Analyst II who will fill an IT strategic position as part of the Security Operations Center (SOC) team to be based in Monterrey, Mexico. Helping Our People Thrive - wellbeing ensures our employees feel seen, heard and valued Doing better for people and planet - when we do better, we help the world work better Responsibilities Investigate and validate escalated security alerts from Tier 1 using SIEM, EDR, network logs, cloud logs, and other telemetry to determine true positive incidents. Map adversarial behaviors to frameworks like MITRE ATT&CK and classify confirmed incidents. Perform endpoint and host-based forensics, examining processes, registry artifacts, event logs, memory dumps, prefetch files, timelines, and file system changes on affected systems. Conduct basic malware analysis and extract IOCs and derive IoAs. Use CTI to enrich investigations and link IOCs to known campaigns or threat actors. Assess incident impact and scope, identifying compromised systems, affected accounts, and potential data exposure. Execute containment and mitigation activities: isolating hosts, blocking malicious indicators, disabling, resetting accounts, and applying urgent fixes. Collaborate with IT, network, cloud, and infrastructure teams during incident containment and recovery. Create clear and thorough incident documentation: timelines, root cause, IOCs, impact, and recommended remediation. Update case management systems (e.g., ServiceNow, TheHive) with investigation notes, evidence and RCAs. Improve SOC detection by writing/tuning SIEM rules, EDR queries, and YARA signatures. Update and enhance incident response playbooks and SOPs for common attack scenarios. Provide effective shift handovers, sharing relevant context and ongoing investigations. Document detailed incident reports and tickets, including executive summaries, technical timelines, root cause analysis, impact assessment, IOCs collected, actions taken, and recommended long-term remediations. Minimum Qualifications Bachelor’s degree in computer science, Information Technology, Software Engineering or related required. Advanced English is a must. Minimum 3 years of experience in a similar role. Advanced SIEM expertise (Exabeam, Microsoft Sentinel KQL, Elastic). Strong capability in log and event analysis across Windows, Linux, firewall, proxy, EDR, and WAF sources. Proficiency in network traffic analysis (Wireshark, tcpdump; understanding malicious patterns, tunneling, C2, TLS anomalies). Solid knowledge of the Incident Response lifecycle (NIST/SANS) and experience writing containment/eradication steps. Advanced experience with EDR tools (CrowdStrike, Defender for Endpoint, Trend XDR, SentinelOne, Carbon Black). Foundational skills in malware analysis and use of sandboxes (Hybrid Analysis, Joe Sandbox, Any.Run). Ability to leverage Threat Intelligence (STIX/TAXII, MISP, VirusTotal, Shodan, GreyNoise, AbuseIPDB). High proficiency in scripting and automation—especially Python, plus PowerShell and Bash. Desired Skills And Experience Threat Hunting basics (hypothesis-driven hunting, living-off-the-land binaries detection) Basic Digital Forensics (memory dumps with Volatility, timeline analysis with Plaso) Experience with SOAR platforms (Cortex XSOAR, Swimlane, Palo Alto XSIAM, Microsoft Sentinel playbooks, FortiSOAR) Cloud security awareness (AWS GuardDuty, Azure Sentinel, GCP Security Command Center) Steelcase is a global design and thought leader in the world of work. Along with our expansive community of brands, we design and manufacture innovative furnishings and solutions to help people do their best work in the many places where work happens. Why People Choose to Work with Us: At Steelcase, we put people at the center of everything we do. We understand the role of work and believe that it can bring meaning and purpose to the lives of our customers and our employees. We prioritize supporting our employees both in and out of work, in all aspects of their lives. When we bring our talents together, we make a positive lasting impact through our work and communities. Steelcase provides employment opportunities to all qualified employees and applicants without regard to race, color, creed, genetic information, religion, national origin, gender, sexual orientation, gender identity and expression, age, disability, or veteran status and bases all employment decisions only on valid job requirements. If we can make the application process easier through accommodation, please email us at myhr@steelcase.com. #J-18808-Ljbffr