Resumen del rol

SNOC Engineer III (Mexico)

Requisitos y responsabilidades

Contenido del rol extraído en secciones para revisar más rápido.

Why You’ll Love Working Here

  • Purpose with Passion – A culture guided by the L.O.V.E. philosophy (Living Our Values Every Day).
  • Grow & Thrive – Certifications, security training, and professional development opportunities.
  • Award-Winning Culture – Known for outstanding service internally and externally.
  • Teamwork & Respect – A collaborative, uplifting environment where achievements are celebrated.

Benefits

  • Aguinaldo (25 days – above legal requirement)
  • Vacation + 25% premium
  • IMSS + Major medical insurance (family included)
  • Monthly savings fund + pantry vouchers
  • Transportation assistance
  • Quarterly performance bonus opportunities
  • Paid life events leave (parental, marriage, bereavement)

Role Overview

  • Location: Remote (Mexio)
  • Schedule: 1st Shift (8a-5p CST); Monday through Friday
  • Salary: 37,500 MXN (monthly)

Your Mission as a SNOC Engineer III (Security)

  • Drive continuous improvement within SNOC security operations by identifying opportunities to enhance monitoring, response workflows, automation, and operational efficiency
  • Serve as the primary escalation point for complex security incidents, providing advanced technical analysis and resolution support to the SNOC engineering team.
  • Support the development and maintenance of operational documentation including security runbooks, incident response procedures, investigation guides, and knowledge base articles.
  • Identify and analyze potential security risks, vulnerabilities, and suspicious activity across network, system, endpoint, identity, and cloud environments, recommending remediation actions.
  • Assist in strengthening security monitoring capabilities by improving detection logic, tuning alerts, and contributing to SIEM analytics rules and automation workflows.
  • Provide mentorship and technical guidance to junior SNOC engineers during investigations, troubleshooting, and incident response activities.
  • Support security compliance initiatives by ensuring operational activities, incident investigations, and response actions are properly documented to support audits and reporting.
  • Participate in validation and testing of incident response procedures, disaster recovery plans, and operational readiness exercises.

Security Operations

  • Act as the technical lead for high-severity security incidents, coordinating investigation activities and guiding containment, eradication, and recovery efforts.
  • Perform advanced threat analysis using SIEM, EDR, identity protection, and network telemetry platforms to identify malicious or suspicious activity.
  • Investigate complex security alerts and correlated incidents across endpoint, identity, email, cloud, and network security platforms.
  • Develop and refine detection capabilities including SIEM analytics rules, threat hunting queries, alert enrichment logic, and automated response playbooks.
  • Provide escalation support during major incidents, assisting with root cause analysis, containment strategies, and post-incident documentation.
  • Collaborate with engineering, infrastructure, and client teams to implement remediation actions and long-term risk mitigation strategies.
  • Support onboarding and integration of security telemetry from new platforms and security technologies into the monitoring environment.
  • Ensure security investigations, incidents, and operational actions are accurately documented within ticketing and case management systems.

Education & Certifications

  • Bachelor’s degree in Cybersecurity, Information Technology, or related field preferred (or equivalent experience).
  • Preferred professional certifications:GIAC (GCIH, GCIA, GCFA)CompTIA CySA+ or CASP+Microsoft Certified: Azure Security Engineer AssociateAWS Certified Security – SpecialtyCisco CCNP or equivalent
  • GIAC (GCIH, GCIA, GCFA)
  • CompTIA CySA+ or CASP+
  • Microsoft Certified: Azure Security Engineer Associate
  • AWS Certified Security – Specialty
  • Cisco CCNP or equivalent

Details

  • GIAC (GCIH, GCIA, GCFA)
  • CompTIA CySA+ or CASP+
  • Microsoft Certified: Azure Security Engineer Associate
  • AWS Certified Security – Specialty
  • Cisco CCNP or equivalent

Experience & Skills

  • Advanced knowledge of security operations, incident investigation, and threat detection methodologies.
  • Experience with SIEM and security monitoring platforms such as Microsoft Sentinel, Wazuh, SentinelOne, or similar technologies.
  • Strong understanding of networking fundamentals, endpoint security, identity protection, and cloud security environments (Azure, AWS, or similar).
  • Experience performing advanced log analysis, threat hunting, and alert triage across multiple telemetry sources.
  • Ability to troubleshoot complex security issues and provide leadership during high-severity operational events.
  • Strong written and verbal communication skills for both internal operational documentation and client-facing discussions.
  • Experience improving security monitoring through detection engineering, alert tuning, and security automation.
  • Familiarity with security frameworks, compliance standards, and operational security best practices.
Roles similares

Mantén una lista de respaldo.

Ver stack
FocoSecurity OperationsÁrea del rol
Señal de seniorityMiddleNivel del candidato
StackAWS, AzureSkills principales
Ubicación1 país aceptadoElegibilidad

Stack

Usa estas tags para comparar roles remotos similares.

Elegibilidad de ubicación

Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.

Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.

Flujo de contratación

WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.

1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.