L2 SOC Analyst - Remote CDMX, MTY, GDL
Mexico City, CDMX, Mexico
Nearshore Cyber
We are seeking an experienced Level 2 SOC Analyst to join our client's global Security Operations Center (SOC) team. This full-time, long-term contract position with the potential for extensions offers a competitive salary and benefits. As part of a follow-the-sun model, you will work remotely from Mexico City, Monterrey, N.L., or Guadalajara during normal daytime business hours with rotating weekend coverage.
Key Responsibilities:
- Support complex incident investigations and threat hunting activities
- Analyze and correlate security events from multiple sources to identify potential threats
- Develop and refine incident response playbooks and SOC procedures
- Mentor and guide Level 1 SOC analysts, providing technical expertise and support
- Create and maintain custom SIEM rules, reports, and dashboards
- Collaborate with SOC teams in the US and Mexico to ensure seamless 24/7 coverage
- Perform advanced threat and vulnerability assessments
- Contribute to the continuous improvement of security monitoring and detection capabilities
- Assist in the evaluation and implementation of new security technologies
Requirements:
- Bachelor's degree in Computer Science, Information Security, or a related field
- Minimum 2 years of experience as a Level 2 SOC Analyst
- Experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm, Stellar Cyber, Elastic SIEM)
- Strong proficiency in endpoint protection tools such as CrowdStrike or Tanium
- Experience with Proofpoint and Wiz
- Advanced knowledge of intrusion detection/prevention systems (IDS/IPS) and firewall technologies
- In-depth understanding of network protocols, operating systems, and cybersecurity best practices
- Proven experience in incident response and threat intelligence
- Experience supporting cyber incidents (DFIR)
- Demonstrated skills in malware analysis, Cyber Threat Intelligence (CTI), and cyber threat hunting
- Excellent analytical and problem-solving skills
- Strong written and verbal communication abilities in English
Preferred Qualifications:
- Relevant certifications such as CySA+, GCIH, GCIA, or equivalent
- Experience with scripting languages (e.g., Python, PowerShell) for automation
- Knowledge of cloud security and containerization technologies
- Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, PCI DSS)
- Hands-on experience with AI-driven security tools and machine learning applications in cybersecurity
Work Environment:
- Remote or hybrid in Mexico City, Monterrey, or Guadalajara
- Regular daytime business hours with rotating weekend coverage
- Part of a global team operating in a follow-the-sun model
- Opportunity for professional growth and skill development in a dynamic cybersecurity environment
The ideal candidate will be a seasoned SOC professional with a proven track record in handling complex security incidents and a commitment to maintaining a strong security posture for our client's global manufacturing operations. Join this team and play a crucial role in protecting the organization's digital assets and ensuring business continuity.
Perks/benefits: Career development, competitive pay, team events