Manager, Cybersecurity Incident Handler

About KTSAWe are KTSA – KPMG Technology Services Americas.A Service Delivery Center of KPMG US, with offices in Mexico City, Guadalajara, and a growing network of remote talent across the country. We deliver high-value technology, consulting, and corporate support services to KPMG US and its clients.At KTSA, our Employer Value Proposition is clear:Explore.Explore isn't just a word — it's how we grow, lead, and thrive. It's the mindset that drives our culture and shapes every opportunity:Experiencea collaborative, inclusive, and multicultural workplace where you belong.Excelby creating impact and leaving your mark on global projects.Expandyour potential with real career paths, learning programs, and mentorship.Expressyour individuality — come as you are, and thrive as your authentic self.And because we know that thriving at work also means thriving in life, we back this mindset withKTSAMÁS, our total rewards program, designed to support your well-being, goals, and personal milestones.RESPONSIBILITIES AND QUALIFICATIONS:Key Responsibilities:Manage and perform day-to-day security monitoring and incident response activities for 24x7 operations, using a thorough understanding of cybersecurity. UseCortex XSOARskills to enhance workflows, automate processes, and improve efficiency. Identify opportunities for improvement and utilize XSOAR to optimize security operations.Response activities may include incident response, incident management, driving remediation or threat mitigation, threat hunting, and forensic analysis. Utilize XSOAR to streamline and automate these processes, enhancing security operations' effectiveness. Develop automated playbooks in XSOAR for vulnerability identification and remediation to ensure comprehensive security monitoring coverage.Serve as a service owner and subject matter expert for XSOAR to enhance delivery and integration. Stay current on information security controls, practices, techniques, and capabilities, focusing on XSOAR advancements. Facilitate skill development for security personnel on monitoring and incident response by mentoring and conducting sessions on using XSOAR for automation and improving efficiency.Lead efforts to build and maintain effective relationships with multiple internal technology groups, ensuring strategic alignment across teams. Promote collaboration and standardization among these federated technology groups, focusing on shared interests and priorities. Serve as a key subject matter expert for XSOAR, guiding others to achieve organizational goals and objectives.Leverage intelligence to lead and manage threat and vulnerability monitoring, respond appropriately, and develop risk mitigation strategies.Implement automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes. Document processes and procedures in the form of playbooks and reference guides.Integrate processes and technologies, with the objective of a "single pane of glass" for monitoring and comprehensive security response process.Provide input into business cases and presentations to leadership of proposed security products and studies. Produce operating metrics and key performance indicators.Qualifications:Bachelor's degree with 5-8 years of experience in Cyber security operations, and demonstratable experience with Palo AltoCortex XSOARor other security orchestration and automation implementation.Both project and operational experience in security monitoring, security operations, and incident response activities; preferably within a professional services firm or similar environment.Experience implementing processes, including playbooks and procedures, defining security monitoring rules, and providing management oversight of security tooling.Hands on network and administration skills with Linux, Windows, cloud security, Active Directory, SIEM and security infrastructure (e.g. Microsoft Sentinel and related technology stack, such as Microsoft Purview) are relevant.Preferred Qualifications:Experience with Palo Alto Cortex product.Cybersecurity certifications include but not limited to CISSP, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900.Expand your possibilities with KTSA through KTSAMÁS, where you can access:Extended maternity, paternity, and adoption leavesAbove-market vacation benefitsLearning opportunities, training, and certification programsExtended marriage leave and daycare supportWellness and Employee Assistance Programs (EAP)Comprehensive medical plan, life insurance, car insurance, and funeral assistanceVisitto learn more.At KTSA, we celebrate and support everyone's individuality. We do not discriminate against any race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, or disability. We are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss specific requirements and our range of flexible working arrangements could be of interest. Please ask to find out more. We strongly state that we DO NOT require a certificate of non-pregnancy or HIV in order to participate in any of our processes.Explore KTSA, we dare to be differentHome - KTSAKTSA - KPMG Technology Services of Americas