InfoVision Inc.
Security Operations Center Analyst
Job Location
México, Mexico
Job Description
INFOVISION is looking for talent for a Senior SOC Analyst position in Mexico (Remote).

What You’ll Need
- Experience working in cyber security operations
- Experience with enterprise incident detection and response for on-premise and cloud environments
- Strong working knowledge of threat actor tactics, techniques, and procedures (TTPs), and the ability to prioritize detection for the environment/company
- Experience developing SOC processes and procedures following industry best practices for both enterprise and cloud environments
- Strong working knowledge of Linux and Windows, and how to detect threats on these systems at scale
- Implement detection acceptance criteria to minimize alert fatigue and to guide use case development
- Assist in developing and implementing key results, metrics, and measurements to ensure a high standard
- Hands-on SIEM experience building YARA-L rules, tuning them, and responding to alerts
- Experience with scripting languages: Python or PowerShell
- Experience with large-scale data warehouse tech: the ability to work with large data sets and write SQL for incident response, analysis, and correlation. Preferably experience with Google BigQuery
- Excellent communication skills, especially the ability to communicate cybersecurity threats to technical and non-technical stakeholders
- Develop and improve playbooks and processes for detection and response
- Expertise leading incident response efforts, in the role of incident commander and/or investigation lead
- Expert in hands-on-keyboard analysis and forensics for Windows, macOS, Linux, and Cloud
- Author of Python tools to automate and parallelize collection and processing of investigative data at scale
- Developed metrics reporting pipeline, automated dashboard, monthly reports, and review process

What You’ll Do
- Logging - Ensure the security operations team has security-relevant cloud, infrastructure, and application logs in a parsed format, sent to a unified destination that has best-practice data retention.
- Detection - Respond to security alerts and review dashboards to monitor for suspicious activities/alerts for enterprise, cloud, and application sources. Analyze suspicious activities/alerts, including malware analysis and forensics, and respond with appropriate actions.
- Response - Follow and improve procedures for Incident Response and participate in the cybersecurity on-call rotation.

We Offer:
- Benefits above those required by law
- Competitive salary

Apply here, or send your updated resume directly to my email: Javier.Rivera@Infovision.com
Location: México, MX
Posted Date: 6/6/2025
Contact Information
Contact: Human Resources, InfoVision Inc.