Job Description

Position: SOC Analyst L2

Location: Guadalajara (On-site with one day remote)
Position Type: Full-time
Time Zone: CST/EST
Duration: Permanent

Working Hours/Shift:

• 1st Shift: 7:00 AM - 5:30 PM CST (local time)
• 2nd Shift: 1:30 PM - 12:00 AM EST
• 3rd Shift: 11:00 PM - 9:30 AM EST

Notes:

• 2nd and 3rd shifts are subject to change with EST time zone changes.
• Shifts consist of 4, 10-hour days: Sunday - Wednesday OR Wednesday - Saturday.
• Shift differential pay: 7.5% for 2nd shift, 15% for 3rd shift.
• Training hours: Monday - Friday, 8:30 AM - 4:30 PM EST for the first several weeks.
• Analysts can work remotely one day per week (except Wednesdays).

Salary Range: Competitive, based on experience

Job Responsibilities

Daily Activities:

• Monitor, respond to, and analyze SIEM alerts from monitoring tools.
• Provide technical guidance and recommendations to clients to enhance their overall security posture.
• Handle daily incidents; monitor, track, analyze, and record security events.
• Collaborate with vendors, outside consultants, and third parties to improve information security within the organization.
• Respond to security-related tickets escalated from clients, working collaboratively to resolve security events.
• Work with other IT professionals to resolve fast-moving vulnerabilities such as spam, viruses, spyware, and malware.
• Monitor security vulnerability information from vendors and third parties.
• Create weekly and monthly status reports, including daily technical task reports and contract deliverables.

Skills and Qualifications

• Strong written, verbal, and non-verbal communication skills, especially in conveying complex information in an understandable manner.
• Proficiency with SIEM tools is a must.
• Minimum of 2-4 years of experience working with Microsoft Active Directory.
• Ability to analyze and resolve complex technical and business problems.
• Proficient knowledge in three or more of the following technologies: Application/stateful/UTM firewalls, SIEM, DLP, web content filtering, web application firewalls (WAF), vulnerability scanning and penetration testing, IPS/IDS, Security Operations Center operations, wireless networking, UNIX, AIX & Solaris, Linux, Windows Server Operating Systems, endpoint protection, and malware.
• Knowledge of Windows Server platforms (2003-2012).
• Working knowledge of analyzing IIS, SQL, firewall, IPS/IDS, and Windows logs.
• Ability to analyze IANA assigned ports (well-known, registered, dynamic, and private ports).
• Ability to troubleshoot common network devices, network vulnerabilities, and network attack patterns.
• Ability to troubleshoot Windows Event IDs.
• Interact with all levels of management.
• Make decisions based on many variables.
• Manage multiple tasks/projects simultaneously.
• Minimum of a Bachelor's Degree in Computer Science, Telecommunications Management, Electrical Engineering, or a related field, or 4 years of relevant experience.

Must Have:

• Minimum of 2 years of experience with SIEM tools in a SOC environment.
• On-site availability.
• High proficiency in English.
• Strong communication skills.
• Strong knowledge of networking and cybersecurity.

Nice to Have:

• SEC+ Certification.
• Previous experience working in a SOC.
• Client-facing experienc