L2 SOC Analyst

We are seeking an experienced Level 2 SOC Analyst to join our client's global Security Operations Center (SOC) team. This full-time, long-term contract position with the potential for extensions offers a competitive salary and benefits. As part of a follow-the-sun model, you will work remotely from Mexico City, Monterrey, N.L., or Guadalajara during normal daytime business hours with rotating weekend coverage.

Key Responsibilities:

- Support complex incident investigations and threat hunting activities

- Analyze and correlate security events from multiple sources to identify potential threats

- Develop and refine incident response playbooks and SOC procedures

- Mentor and guide Level 1 SOC analysts, providing technical expertise and support

- Create and maintain custom SIEM rules, reports, and dashboards

- Collaborate with SOC teams in the US and Mexico to ensure seamless 24/7 coverage

- Perform advanced threat and vulnerability assessments

- Contribute to the continuous improvement of security monitoring and detection capabilities

- Assist in the evaluation and implementation of new security technologies

Requirements:

- Bachelor's degree in Computer Science, Information Security, or a related field

- Minimum 2 years of experience as a Level 2 SOC Analyst

- Experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm, Stellar Cyber, Elastic SIEM)

- Strong proficiency in Endpoint Protection tools such as Crowdstrike or Tanium

- Experience with ProofPoint and Wiz

- Advanced knowledge of intrusion detection/prevention systems (IDS/IPS) and firewall technologies

- In-depth understanding of network protocols, operating systems, and cybersecurity best practices

- Proven experience in incident response and threat intelligence

- Experience supporting cyber incidents (DFIR)

- Demonstrated skills in malware analysis, Cyber Threat Intelligence (CTI), and cyber threat hunting

- Excellent analytical and problem-solving skills

- Strong written and verbal communication abilities in English

Preferred Qualifications:

- Relevant certifications such as CySA+, GCIH, GCIA, or equivalent

- Experience with scripting languages (e.g., Python, PowerShell) for automation

- Knowledge of cloud security and containerization technologies

- Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, PCI DSS)

- Hands-on experience with AI-driven security tools and machine learning applications in cybersecurity

Work Environment:

- Remote or hybrid in Mexico City, Monterrey, or Guadalajara

- Regular daytime business hours with rotating weekend coverage

- Part of a global team operating in a follow-the-sun model

- Opportunity for professional growth and skill development in a dynamic cybersecurity environment

The ideal candidate will be a seasoned SOC professional with a proven track record in handling complex security incidents and a commitment to maintaining a strong security posture for our client's global manufacturing operations. Join this team and play a crucial role in protecting the organization's digital assets and ensuring business continuity.

Business Continuity Analysis Analysts Splunk Prevention Offers Intelligence Information Security Powershell Protection Salary Machine Learning Operating Systems Continuous Improvement Manufacturing Automation Security Computer Science Python Business English Science Communication