
SOC Engineer
Posted 5 days ago

Posted 5 days ago
This is a fully remote position, open to applicants in Mexico.
• Manage and maintain the SIEM (Security Information and Event Management).
• Oversee and sustain the SOAR (Security Orchestration, Automation, and Response).
• Configure log sources, ensuring the proper ingestion of events from critical systems.
• Design and maintain correlation rules and alerts for threat detection.
• Develop and uphold incident response playbooks, standardizing the analysis and containment process.
• Conduct threat analysis activities, triage, and incident response.
• Collaborate with infrastructure and development teams to mitigate risks and vulnerabilities.
• Manage incident simulation exercises.
• Analyze alerts and conduct incident investigations to identify threats, exploits, vulnerabilities, or anomalous behaviors.
• Contribute to the automation of SOC tasks through the development of tools, threat intelligence, integrations, or SOAR tools.
• Experience with SIEM tools (Splunk, OpenSearch, Sentinel, QRadar, etc.).
• Knowledge in log analysis, threat detection, MITRE ATT&CK, and forensic analysis.
• Experience in scripting or automation (Python, bash).
• Familiarity with Open Source technologies (OpenSearch, Wazuh).
• Understanding of incident response processes (NIST 800-61, SANS).
• Work culture based on trust and purpose.
• Space for ideas and feedback.
• Transparency in communication.
CACI International Inc
World Wildlife Fund
Get handpicked remote jobs straight to your inbox weekly.