**Job description**:

- Responsible for planning and coordinating all the activities required to perform, monitor, and report on the Incident Management process.
- You will be the point of contact for all critical incidents and will be responsible for their closure.
- You will be required to lead the team in the right direction to determine root cause, and to propose a workaround or bypass if the root cause cannot be found. The priority will always be to minimize impact to business and operations in order to meet the Service Level Agreement.
- Initiate, schedule and conduct post-incident reviews as needed, and ensure the resulting knowledge is captured.

**Requirements**:

- 4-6 years of Information Security experience, with a minimum of 4 years in a large 24x7 Security Operations Centre (SOC).
- Perform root cause analysis and identify suitable corrective steps.
- Perform deep packet analysis and collection of IOCs (Indicators of Compromise).
- Threat mitigation and reporting are the top priorities for this position.
- Advanced working skills with Microsoft Sentinel, QRadar, LogRhythm, ArcSight, Splunk, etc. A relevant certification is a plus. Good working knowledge of SOAR and EDR tools.
- Investigate and respond to security incidents; document and report on information security issues.
- Investigate, document, and report on information security issues and emerging trends.
- Monitor for threats, analyze, and escalate as per process.
- Review and triage security alerts, provide analysis, suggest remediation, and track remediation.
- Support in resolving security incidents.
- Respond to incidents by collecting, analyzing and preserving digital evidence to assist with remediation of critical information security incidents.
- Ability to write technical documentation and present technical briefings to diverse audiences.
- Strong understanding of the threat landscape in terms of the tools, tactics, and techniques of threat actors employing both commodity and custom malware.
- Current knowledge of security threat intelligence and recent attack vectors.
- Knowledge of ITIL processes.
- A relevant security certification will be a plus.
- Basic knowledge of AWS and Azure.
- Experience with security events, incident review and triage using Endpoint Detection and Response (EDR) tools.
- Ability to conduct detailed analysis of various security-related events such as phishing, spoofing, ransomware and SQL injection, etc.
- Incident response experience (identifying, investigating, and responding to complex attacks).
- Excellent communication skills.

**Benefits**:

- Working hours from 9:00 am to 6:00 pm.
- Base salary: NOT DEFINED / OPEN TO NEGOTIATION ACCORDING TO EXPERIENCE.
- Social security contributions on 100% of nominal salary, or a mixed scheme.
- Statutory benefits plus above-statutory benefits (major medical expense insurance, life insurance, grocery vouchers, etc.).
- Location: HYBRID in Monterrey; days in the office and working from home to be negotiated.
- Contract: permanent (open-ended) employment.