Security Analyst – Contract

This is a fully remote position, open to applicants in Mexico.

📋 Description

• Oversee the deployment, configuration, testing, monitoring, and continuous maintenance of security technologies, including SIEM, EDR, DLP, WAF, CASB, Secure Web Gateway, URL filtering, email security, and application/vulnerability scanning platforms.

• Manage small-to-medium-sized security projects from the gathering of requirements through to design, testing, pilot execution, and implementation.

• Assist in proof-of-concept evaluations and product assessments to ensure that proposed solutions align with the security strategy, standards, and industry best practices.

• Serve as a service or tool owner by identifying enhancements, maintaining operational runbooks, and suggesting improvements for the tools you oversee.

• Create and maintain procedures, workflows, architecture diagrams, and operational playbooks that facilitate security monitoring and engineering tasks.

• Analyze and triage security events using technologies such as SIEM, EDR, DLP, WAF, CASB, Secure Web Gateway, and email security solutions.

• Identify, respond to, and assist with investigations of security incidents while documenting root-cause analyses and lessons learned.

• Adhere to established incident response protocols and playbooks, escalating critical findings promptly and effectively.

• Utilize analytical and adversarial thinking to identify, protect, detect, respond to, and recover from common cyber threats and attack vectors.

• Conduct and support secure baseline reviews, infrastructure scanning, endpoint scanning, application vulnerability assessments, penetration testing validation, and AI red-teaming exercises.

• Evaluate vulnerability findings for accuracy and completeness while collaborating with stakeholders to prioritize remediation efforts based on risk.

• Report critical vulnerabilities, zero-day threats, and high-priority risks while assisting in rapid mitigation strategies.

• Engage in continuous enhancements of vulnerability management workflows through automation and the incorporation of security testing into CI/CD pipelines.

• Carry out security risk assessments for internal projects, product enhancements, vendors, and productivity tools.

• Execute STRIDE-based threat modeling for internal projects and AI-enabled solutions, generating actionable recommendations and comprehensive risk reports.

• Employ a risk-based perspective to assess Agentic AI technologies and AI-related security risks.

• Perform vendor risk assessments within OneTrust and contribute to broader third-party risk management initiatives.

• Identify opportunities to strengthen controls, enhance processes, and improve security outcomes across teams.

• Keep updated on emerging threats, technologies, and industry best practices, sharing pertinent insights with colleagues and stakeholders.

⛳️ Requirements

• Bachelor’s degree in Technology Management, Information Security, Computer Science, Computer Engineering, or equivalent practical experience.

• 3–5 years of experience in Information Security, Security Engineering, or Security Operations.

• At least one industry-recognized security certification (CISSP, CISA, CCSP, or equivalent).

• Experience with public cloud platforms such as AWS, IBM Cloud, or Google Cloud Platform (GCP).

• Strong understanding of securing cloud environments, operating systems, networks, databases, and applications.

• Practical experience with security technologies including SIEM, WAF, DLP, EDR, and infrastructure/application vulnerability scanners.

• Familiarity with industry frameworks and standards such as NIST CSF and ISO 27001/27002.

• Knowledge of controls and compliance requirements related to SOC 1, SOC 2, PCI, and HIPAA.

• Excellent written and verbal communication skills capable of clearly documenting findings and communicating risk.

• Strong problem-solving abilities, accountability, and a commitment to continuous learning.

• Proficiency in English.

🏝️ Benefits

• Performance bonuses

• Variable compensation program