Senior SOC Analyst

The **Senior SOC Analyst** will be responsible to provide critical technical expertise in managing and analyzing cybersecurity. This is a hands-on role focused on threat hunting and managing all aspects of incident response including preparation, detection, containment, eradication, recovery, and lessons learned. This role reports to the Manager, SOC, and will be the Point of Contact (POC) for all security incidents and will be expected to confirm what is known about an intrusion and discover new information, if possible, post breach via dynamic analysis. When not actively pursuing threats in the environment, this role will be building the structure, processes, and training staff to ensure attacks are properly remediated. The role does include a 24x7 on call component due to the POC function as they are the escalation point.**How You Make a Difference Everyday**:- Conduct analysis of log files, evidence, and other information to determine the best methods for determining the depth and breadth of a breach.- Confirm what is known about an intrusion and discover new information, if possible, after identifying intrusion via dynamic analysis.- Provide a technical summary of findings in accordance with established reporting procedures.- Incident Response for a variety of systems including Windows, Linux, MAC, and custom operating systems.- Incident response functions include mitigating actions to contain activity and facilitating forensics analysis when necessary while minimizing operational impact.- Validates and maintains incident response plans and processes to address potential threats.- Performs root-cause analysis to document findings and participate in root-cause elimination activities as required.- Identifies the tactics, techniques, and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks.- Researching emerging threats and vulnerabilities to aid in the identification of network incidents, and supports the creation of new architecture, policies, standards, and guidance to address them.- Correlates events and activities across systems to identify trends of unauthorized use.- Compiles and analyzes data for management reporting and metrics.- Understands data automation and analysis techniques.- Review tools in place and provide recommendations on ways to improve our security posture.- Run Red Team \ Blue Team annual exercises.- Run annual Pen testing for critical systems and the security perimeter.- Position may require evening, weekend, or on-call schedules, depending on project requirements and/or system status.**Requirements**:- 5+ years of relevant experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.)- 3-4 years of experience with Security Anomaly Detection and tuning of signatures is required.- 3-4 years of experience with Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.- 3-4 years of experience within a SOC, preferably in an MSSP environment.- 3-4 years of experience with process creation, improvement, and documentation.- 3-4 years of experience with SIEM products such as LogRhythm- 3-4 years of experience with EDR\XDR solutions such as CrowdStrike, CarbonBlack.- 2+ years of experience identifying and responding to advanced threats and threat actor TTPs- 2+ years of experience with Wireshark and other network forensic and packet analysis tools.- 2+ years of experience with cloud native architecture (AWS, Azure, GCP)- 2+ years of experience with Security Risk Management is required.- Presentation and public speaking abilities- Project management skills- Ability to develop an enthusiastic and positive work environment.- Possession or active pursuit of certifications such as: SANS (GCIA/GCIH/GCTI), Certified Ethical Hacker (CEH), and CISSP is highly preferred.- Working knowledge of Information Security best practices, audit frameworks and possibly privacy laws (e.g., familiarity with ISO 27000 series, SANS, NIST, OWASP Top 10, COBIT, CIS Top 20, CCPA, GDPR).- Ability to travel as required, including to the U.S., potentially on short notice.**What We Offer**:- Life Insurance policy for you starting 30 days after employment.- Personal Health Insurance coverage for you - Major Medical- 30 days “Aguinaldo” Christmas bonus or prorated percentage your first year.- Vacation time starting at 12 days. Additional days will increase per Mexican Law.- Premium Vacation 50% vacation days (Prima vacacional).- You will also receive benefits like Saving Plan (Fondo de Ahorro) and Food Coupons (Vales De Despensa) 6% or the Maximum amount by Mexican Law.- You will be provided a Cell Phone Allowance of $800 pesos per month minus applicable taxes.Tipo de puesto: Tiempo completoSalario: $80,000.00 - $90,000.00 al mesPrestaciones:- Seguro de gastos médicos mayores- Seguro de vida- Vales de despensaLugar de trabajo: Empleo presencial