
Principal SOC Engineer - Remote from CDMX

Remote: Full Remote

Offer summary

Qualifications:

  • Deep technical knowledge with strong Python skills
  • Experience with SIEM and EDR platforms
  • Knowledge of Linux and cloud environments
  • Familiarity with Kubernetes and Terraform

Key responsibilities:

  • Deploy, maintain, and optimize security tools
  • Write and tune detection rules, and provide documentation
Nearshore Cyber Cybersecurity Startup https://nearshorecyber.com.mx/
2 - 10 Employees

Job description

Principal SOC Engineer - Remote from Mexico City

Location: Remote from Mexico City, Monterrey, Querétaro, Guadalajara, or the Philippines

Employment Type: Permanent, Full-Time
Shift: Days in local time zone

We are seeking a Principal SOC Engineer on behalf of our client, a fast-growing cybersecurity company specializing in Managed Detection and Response (MDR) for US-based startups. This role is ideal for a highly technical professional who thrives in a remote, collaborative, and dynamic environment.

Role Overview

This position focuses on engineering and integration within a small, specialized team. You will primarily work with tools like Microsoft Sentinel, SentinelOne, and potentially Panther, with minimal responsibilities for intrusion analysis and incident response.

Key Responsibilities
  • SIEM/EDR Expertise: Deploy, maintain, and optimize tools such as Microsoft Sentinel, SentinelOne, and other relevant platforms.
  • Detection Rule Development: Write and tune detection rules to minimize noise while maximizing actionable signals. Stay updated on emerging threats and ensure coverage.
  • Python and Automation: Develop scripts to integrate unsupported data sources into Panther or other platforms. Familiarity with CI/CD pipelines and Git is preferred.
  • Cloud and Systems Knowledge: Operate in environments with AWS, Kubernetes, macOS, Google Workspace, and Okta. Understand Sigma detection rules for Kubernetes and have basic Terraform experience.
  • Documentation: Contribute to the internal wiki by documenting workflows, configurations, and processes.
  • Independent Problem-Solving: Work autonomously, with regular check-ins, to meet objectives and solve challenges.
Preferred Skills and Qualifications
  • Deep technical knowledge with strong Python skills.
  • Experience with at least one SIEM and one EDR platform (e.g., Microsoft Sentinel, SentinelOne, CrowdStrike, Defender ATP, now Microsoft Defender for Endpoint).
  • Knowledge of Linux systems and cloud-based environments.
  • Comfortable with detection rule writing, tuning, and noise filtering.
  • Familiarity with startup environments, remote work, and small team dynamics.
  • An appetite for learning and adaptability to new technologies.
What Sets You Apart
  • Experience with Panther (preferred but not required).
  • Hands-on Terraform use or understanding.
  • Demonstrated ability to use and integrate APIs for automation.
  • Enthusiasm for contributing to a knowledge-sharing culture.
About Our Client

Our client values individuals who are passionate about technology, self-motivated, and eager to learn. You will have the opportunity to work on cutting-edge projects with innovative startups in a supportive, flexible environment.

Required profile

Experience

Industry: Cybersecurity
Spoken language(s): English

Other Skills

  • Teamwork
  • Adaptability
  • Problem Solving
