Cyber Security ArchitectEngineer II

The Cyber Security Engineer is a key member of our global Security Operations team supporting a Gartner Level 4 Security Operations Center (SOC) maturity environment. This role focuses on delivering operational security capabilities across threat detection incident response security engineering and continuous improvement of SOC tools and processes. The engineer will evaluate emerging threats optimize security technologies and provide technical expertise to enhance the organizations detection and response posture. Reports to: Cyber Security Director / SOC Leadership (as defined by org structure).

JOB DUTIES:

• Monitor emerging threats and continuously evaluate SOC tools workflows and operational processes.
• Recommend improvements that increase standardization automation and operational efficiency across SOC capabilities.
• Maintain and develop SLAs operational metrics and reporting on SOC tool performance and detection effectiveness.
• Develop maintain and enhance SOC documentation policies and operational procedures.
• Support identification triage investigation containment and remediation of security incidents.
• Ensure proper audit trails exist for detection investigation and corrective actions.
• Enforce security policies and risk/exception management processes.
• Provide Tier 2/3 escalation support for security incidents and operational issues.
• Collaborate with crossfunctional teams including Network Architecture Data Center HR and Legal during investigations.
• Contribute to ongoing and emerging cybersecurity initiatives and SOC modernization efforts.
• Mentor junior SOC analysts contributing to skill development and operational maturity.
• Participate in evaluation configuration and deployment of new security tools and enhancement of existing SOC capabilities.
• Support SIEM SOAR and XDR tuning and rule engineering.
• Contribute to cloud security monitoring (Azure/AWS/GCP).
• Perform threat hunting and assist in forensic analysis.
• Participate in automation efforts to reduce manual analyst workload.

YOU MUST HAVE:

• Minimum 3 years of relevant cybersecurity or SOC experience.
• Strong understanding of network technologies and protocols.
• Experience with IDS/IPS SIEM firewalls and proxy technologies.
• Knowledge of security incident handling processes.
• Ability to conduct threat hunting forensic analysis and basic penetration testing.
• Strong English communication skills (verbal and written).
• Ability to manage workload and meet deadlines independently and within teams.
• Advanced written and verbal English communication skills.

WE VALUE:

• Experience with SIEM technologies (Splunk Sentinel QRadar etc.).
• Strong technical documentation skills.
• Relevant certifications: GSEC PenTest Security CISSP (or in progress).

BEHAVIORAL COMPETENCES:

• Strong analytical troubleshooting and problemsolving skills.
• Ability to adapt quickly to changing priorities in a fastpaced SOC environment.
• Collaborative mindset willing to mentor and support peers.
• Strong attention to detail and operational discipline.

WHATS IN IT FOR YOU

• Benefits that go beyond Mexican labor law ensuring your well-being and peace of mind.
• A collaborative and inclusive work environment where your contributions are valued.
• Opportunities for continuous professional growth and skill development through training mentoring and challenging projects.
• Access to cutting-edge tools resources and a supportive team to help you excel.
• The chance to work with a global innovative company shaping the future in its industry.

#LI-AM2

#LI-HYBRID