Middle Security Operations Analyst

We are looking for a Middle Security Operations Analyst to strengthen our SOC by delivering expert threat detection and incident response capabilities.

In this role, you will be essential to protecting our clients through generating comprehensive security reports, creating use cases, and assisting with threat intelligence activities. Join us to advance your cybersecurity career in a fast-paced and supportive environment.

Responsibilities

• Produce comprehensive security reports for diverse stakeholder groups
• Address security incidents swiftly to reduce potential damage
• Analyze and prioritize alerts to detect emerging threats
• Design and enhance rule sets and use cases for effective threat detection
• Assist in threat hunting operations and support threat intelligence workflows
• Upgrade SOC and SOAR tools to improve detection efficiency
• Leverage advanced analytics to uncover new threat trends and vulnerabilities
• Lead SOC tabletop drills to improve team readiness
• Contribute to the on-call schedule every 8th weekend

Requirements

• Minimum 2 years of experience in Security Operations
• Familiarity with Splunk, Microsoft Defender, and Microsoft Security tools
• Experience with asset discovery tools and VirusTotal
• Good understanding of the MITRE ATT&CK framework
• Knowledge of malware detection, intrusion detection, and prevention systems
• Proficient in security monitoring strategies
• Understanding of Windows, Linux, databases, and network device monitoring and logging
• Awareness of host and network security hardening and networking protocols
• Knowledge of common intrusion techniques and risk management principles
• Strong attention to detail and enthusiasm for cybersecurity
• Logical thinker with curiosity to investigate issues
• Effective communication skills in English at B2 (Upper-Intermediate) level

Nice to have

• Hands-on experience with Tanium or similar asset management, patch management, and EDR tools
• Knowledge of Qualys vulnerability management solutions
• Familiarity with Azure Sentinel and AWS cloud security
• Experience using ServiceNow SecOps platform
• Understanding of Sophos security products

We offer

• Career plan and real growth opportunities
• Unlimited access to LinkedIn learning solutions
• Constant training, mentoring, online corporate courses, eLearning and more
• English classes with a certified teacher
• Support for employee's initiatives (Algorithms club, toastmasters, agile club and more)
• Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)
• Flexible work schedule and dress code
• Collaborate in a multicultural environment and share best practices from around the globe
• Hired directly by EPAM & 100% under payroll
• Law benefits (IMSS, INFONAVIT, 25% vacation bonus)
• Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)
• 13 % employee savings fund, capped to the law limit
• Grocery coupons
• 30 days December bonus
• Employee Stock Purchase Plan
• 12 vacations days
• Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)
• Monthly non-taxable amount for the electricity and internet bills

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

By applying to our role, you are agreeing that your personal data may be used as in set out in EPAM´s Privacy Notice and Policy.