Security Operations Lead

We are looking for an experienced **Security Operations Lead** to drive and enhance our cybersecurity event management and incident response capabilities.This pivotal role is responsible for overseeing the identification, management, and remediation of security incidents to maintain the resilience and integrity of both physical and digital security systems.**Responsibilities**- Oversee logging and tracking of all security events with detailed event reports- Ensure accurate documentation of security events and incidents- Analyze security data to detect potential threats and vulnerabilities that may impact the organization- Lead incident response efforts to promptly address security breaches, system outages, or other events- Assess the scope and impact of security incidents and document findings comprehensively- Collaborate with internal departments and external stakeholders during forensic and response efforts- Develop and maintain incident response playbooks to streamline and prepare response strategies- Drive implementation of effective remediation measures to minimize future risks- Identify gaps and processes that can lead to incidents, implementing preventive solutions- Work cross-functionally with teams to deploy and enhance security controls- Conduct post-incident reviews to capture lessons learned and recommend improvements- Continuously evaluate and refine event monitoring and response workflows**Requirements**:- 5 years of experience in security event management and incident response roles- Background in security information and event management (SIEM) tools with demonstrable hands-on expertise- Understanding of information security principles, frameworks, and technologies- Capability to lead and manage an incident response team during critical operations- Skills in analytical problem-solving and making swift, confident decisions under pressure- Competency in interpersonal communication with technical and non-technical audiences- Flexibility to work independently, in collaboration, and remotely with distributed teams**Nice to have**- Bachelor’s degree in Information Technology, Cybersecurity, or related field- Certifications such as Security+, CISSP, CISM, or SANS GIAC (e.g., GCIH, GCIA preferred but not mandatory)**We offer**- Career plan and real growth opportunities- Unlimited access to LinkedIn learning solutions- International Mobility Plan within 25 countries- Constant training, mentoring, online corporate courses, eLearning and more- English classes with a certified teacher- Support for employee’s initiatives (Algorithms club, toastmasters, agile club and more)- Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)- Flexible work schedule and dress code- Collaborate in a multicultural environment and share best practices from around the globe- Hired directly by EPAM & 100% under payroll- Law benefits (IMSS, INFONAVIT, 25% vacation bonus)- Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)- 13 % employee savings fund, capped to the law limit- Grocery coupons- 30 days December bonus- Employee Stock Purchase Plan- 12 vacations days plus 4 floating days- Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)- Monthly non-taxable amount for the electricity and internet billsEPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.