InfoVision Inc.
Cybersecurity Analyst
Job Location
México, Mexico
Job Description
InfoVision is a global IT services company dedicated to providing innovative solutions that drive digital transformation and enhance operational efficiency. We foster a collaborative environment that empowers our teams to grow, while working on impactful projects with leading clients. We are seeking a seasoned and proactive Cybersecurity Operations Analyst to join our growing Security Operations Center (SOC).

What You’ll Need:
- 5 years of experience working in cyber security operations
- Experience with enterprise incident detection and response for on-premise and cloud environments
- Strong working knowledge of threat actors' tactics, techniques and procedures (TTPs), and the ability to prioritize detection for the environment/company
- Experience developing SOC processes and procedures following industry best practices for both enterprise and cloud environments
- Strong working knowledge of Linux and Windows, and how to detect threats on these systems at scale
- Implement detection acceptance criteria to minimize alert fatigue, and to guide use case development
- Assist in developing and implementing key results, metrics and measurements to ensure a high standard
- Hands-on SIEM experience building YARA-L rules, tuning them, and responding to alerts
- Experience with scripting languages: Python or PowerShell
- Experience with large-scale data warehouse tech - the ability to work with large data sets and write SQL for incident response, analysis, and correlation. Preferably experience with Google BigQuery
- Excellent communication skills, especially the ability to communicate cybersecurity threats to technical and non-technical stakeholders
- Develop and improve playbooks and processes for detection and response
- Expertise leading incident response efforts, in the role of incident commander and/or investigation lead
- Expert in hands-on-keyboard analysis and forensics for Windows, macOS, Linux and Cloud
- Author of Python tools to automate and parallelize collection and processing of investigative data, at scale
- Developed metrics reporting pipeline, automated dashboard, monthly reports and review process

What You’ll Do:
- Logging - Ensure the security operations team has security-relevant cloud, infrastructure and application logs in a parsed format, sent to a unified destination that has best-practice data retention
- Detection - Respond to security alerts and review dashboards to monitor for suspicious activities/alerts for enterprise, cloud and application sources. Analyze suspicious activities/alerts, including malware analysis and forensics, and respond with appropriate actions.
- Response - Follow and improve procedures for Incident Response and participate in the cybersecurity on-call rotation.

TECHNICAL SKILLS
Azure, GCP, ELK, CrowdStrike Falcon, Mandiant Redline, Kali, PowerShell, Python, Windows, Linux, macOS, EnCase 6/7/8, FTK Forensic, SOC2, NIST CSF, ISO 27001, MITRE ATT&CK, OpenIOC, YARA, YAML, Snort, PowerForensics, Sysmon, Security Automation, Orchestration and Response (SOAR), Cuckoo Sandbox, VirusTotal, CyberChef, Regular Expressions (RegExp), SQL, Slack, Jira, ServiceNow, Jupyter notebooks, Threat Modeling.

What we offer:
- Competitive salary & benefits – including statutory benefits and attractive perks above the legal requirements.
- Collaborative, innovative work environment.
- Career growth opportunities & skill development.
- Flexible remote work options.

If you’re ready to take the next step in your career and join a dynamic, forward-thinking team, apply today! The position is not eligible for employment-based visa/immigration sponsorship.
Location: México, MX
Posted Date: 6/6/2025
Contact Information
Contact: Human Resources, InfoVision Inc.