Cashea logo
Cashea

Compra ahora y paga después, en cuotas sin interés. El impulso que mereces.

SOC Engineer

Security OperationsSecurity OperationsFull TimeRemoteSeniorTeam 501-1,000Since 2022H1B No SponsorCompany SiteLinkedIn

Location

Mexico

Posted

11 days ago

Salary

0

Seniority

Senior

Bachelor DegreeSpanishOpen SourcePythonSplunk

Job Description

SOC Engineer

Cashea

• Administrar y mantener el SIEM (Security Information and Event Management) • Administrar y mantener el SOAR (Security Orchestration, Automation, and Response) • Configurar fuentes de logs, asegurando la correcta ingesta de eventos de sistemas críticos • Diseñar y mantener reglas y alertas de correlación para la detección de amenazas • Desarrollar y mantener playbooks de respuesta a incidentes, estandarizando el proceso de análisis y contención • Ejecutar actividades de análisis de amenazas, triage y respuesta ante incidentes • Colaborar con equipos de infraestructura y desarrollo para mitigar riesgos y vulnerabilidades • Gestionar ejercicios de simulación de incidentes • Analizar alertas y realizar investigaciones de incidentes para identificar amenazas, explotaciones, vulnerabilidades o comportamientos anómalos • Contribuir a la automatización de tareas del SOC mediante desarrollo de herramientas, inteligencia de amenazas, integraciones o herramientas SOAR

Job Requirements

  • Experiencia con herramientas SIEM (Splunk, OpenSearch, Sentinel, QRadar, etc.)
  • Conocimientos en log analysis, threat detection, MITRE ATT&CK y análisis forense
  • Experiencia en scripting o automatización (Python, bash)
  • Estar familiarizado con tecnologías Open Source (OpenSearch, Wazuh)
  • Familiaridad con procesos de respuesta a incidentes (NIST 800-61, SANS)

Benefits

  • Cultura de trabajo basada en la confianza y el propósito
  • Espacio para las ideas y el feedback
  • Transparencia en la comunicación

Related Categories

Related Job Pages

More Security Operations Jobs

Full TimeRemoteTeam 1,001-5,000Since 2012H1B Sponsor

• Build strategic relationships with Optiv customers by supporting key customer-facing activities including on-going face to face relationship building and customer satisfaction-related efforts • Individual contributor acting as a delivery and services senior leader • Work with delivery teams and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement • Provide constructive on-the-job feedback and coaching to team members • Deliver effective services based on a thorough understanding of complex cyber security architectures and technology and ability to effectively apply it to client situations and environments • Use extensive knowledge of the client's business and industry to identify technological developments and evaluate impacts on the client's business • Perform project management and team leadership, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services • Understand Optiv and its service lines and actively assess what Optiv can deliver to serve clients • Create innovative insights for clients, adapts methods & practices to fit operational team needs & contributes to thought leadership documents • Understand the business requirements clearly and plan for effective utilization of resources, managing the change requests and risk planning, etc. • Enhance service delivery through frequent interaction with the end user and business sponsors • Understand the process gaps and propose preventive / corrective action where appropriate

Kansas + 1 moreAll locations: Kansas | Missouri
MNTN logo

Senior Security Operations Engineer

MNTN

The hardest working software in television.

Full TimeRemoteTeam 201-500H1B No Sponsor

Role Description We are seeking an experienced Senior Security Operations Engineer to lead and scale our security operations. You will be responsible for safeguarding our systems, networks, and data from cyber threats. This role requires a deep understanding of security monitoring, incident response, and automation, along with the ability to collaborate cross-functionally with IT, engineering, and compliance teams. This is a “hands on” technical role and a great opportunity to join a growing company with a large scale production environment. The right candidate will be a self-starter that can quickly put together a roadmap of security initiatives and work with engineering teams in a positive manner around implementing security controls. - Lead day-to-day security operations, including monitoring, detection, investigation, and response to security incidents. - Understand modern cloud infrastructure stacks and inject security controls in those stacks (e.g., Terraform, Kubernetes, CI/CD, ArgoCD, Github). - Develop, refine, and maintain SIEM rules, alerts, dashboards, and playbooks for proactive threat detection. - Drive incident response efforts, including triage, containment, eradication, recovery, and post-incident reporting. - Automate repetitive SecOps processes (e.g., enrichment, remediation, alert triage) to improve efficiency and reduce noise. - Conduct threat hunting activities to identify hidden threats and vulnerabilities. - Collaborate with devops and engineering teams to embed security best practices into systems and workflows. - Perform log analysis and security monitoring across cloud, endpoint, and network environments. - Lead security assessments and participate in vulnerability management and remediation programs. - Partner with compliance and risk management teams to support audits and regulatory requirements. Qualifications - 5+ years of hands-on experience in Security Operations. - Strong knowledge of SIEM platforms. - Expertise in threat detection, malware analysis, and forensic investigation. - Proficiency with scripting and automation tools (Python, Bash, etc.). - Solid understanding of network protocols, firewalls, IDS/IPS, EDR, and cloud security controls. - Experience with cloud platforms (AWS and GCP) and their native security services. - Familiarity with MITRE ATT&CK, NIST, ISO, and other security frameworks. - Excellent communication and leadership skills, with experience guiding teams or projects. - Security certifications a plus. Benefits - 100% remote within the US. - Flexible vacation policy. - Annual vacation allowance for travel-related expenses. - Three-day weekend every month of the year. - Competitive compensation. - 100% healthcare coverage. - 401k plan. - Flexible Spending Account (FSA) for dependent, medical, and dental care. - Access to coaching, therapy, and professional development. Company Description MNTN provides advertising software for brands to reach their audience across Connected TV, web, and mobile. MNTN Performance TV has redefined what it means to advertise on television, transforming Connected TV into a direct-response, performance marketing channel. Our web retargeting has been leveraged by thousands of top brands for over a decade, driving billions of dollars in revenue. - Our solutions give advertisers total transparency and complete control over their campaigns all with the fastest go-live in the industry. - As a result, thousands of top brands have partnered with MNTN, including Tarte, Decked, and National University.

United States
Jamf logo

Security Operations Engineer I

Jamf

The Standard in Apple Enterprise Management

Full TimeRemoteTeam 1,001-5,000Since 2002H1B Sponsor

• Responsible for the tools, configuration, administration and related processes around Security Information and Event Management. • Responsible for Web application firewall and related prevention, detection and mitigation of DDoS attack. • Performs regular firewall audits in line with our procedures. Provides the appropriate documentation, supporting evidence and follow up on identified issues requiring remediation. • Responsible for tooling, processes and follow up actions related to our vulnerability scanning and external port scanning needs and practices. • Handles the identification, planning and implementation of cloud hardening needs. Works collaboratively with Operations and other internal teams to communicate, document and implement. • Performs security incident analysis, response and remediation. • Participates in design and implementation of security automation workflows. • Maintain the technical documentation of processes and procedures. • Perform scripting duties in Bash and Python. • Maintain an advanced level of knowledge of JAMF Cloud Services and related products. • Other duties and special projects as assigned.

Poland
Job Closed
ContractRemoteTeam 501-1,000H1B Sponsor

• Manages and is responsible for the successful completion of all tasks in assigned projects. • Contribute to the Security Operations and Engineering Team focused on maintaining the security integrity of the client's mission critical suite of applications. • Available 24/7 for any critical security incident response that may arise which requires immediate resolution. • Work to ensure security tooling within environments is operational and operating at needed levels of service and availability. • Ensure operational practices provide a sound foundation that utilizes tools and processes for rapid identification of security events to address and mitigate risks. • Assist in Plan, organize, and execute multiple responsibilities to achieve project goals and provide technical leadership to move operational projects to completion. • Contribute to security requirements, standards, procedures, and reference architectures to comply with policies and technical standards. • Develop and maintain incident response playbooks specific to AI/ML security threats including prompt injection, model poisoning, data exfiltration, and adversarial attacks. • Monitor and secure generative AI systems, large language models (LLMs), and AI-powered applications within environments. • Contribute to AI governance frameworks and policies ensuring responsible AI practices and compliance with AI-specific security standards. • Analyze and evaluate security implications of new AI/ML tools and platforms before deployment to production environments. • Participate in AI threat intelligence activities and stay current with emerging AI security vulnerabilities and attack methodologies. • Conduct post-incident analysis for AI-related security events and develop preventive measures specific to AI threat vectors. • Review and validate AI model security properties, including robustness against adversarial inputs and data privacy protections.

United States
Job Closed