About the role
Key Skills: Cloud Security, AWS, SIEM, CrowdStrike, Incident Response, Docker, Kubernetes, IDS/IPS
Experience: 3+ years
Location: Hermosillo, Mexico
Mode: Onsite
- Support and enhance security operations (SecOps) in cloud and enterprise environments
- Monitor, analyze, and respond to security alerts using SIEM, EDR, and IDS/IPS tools
- Work with AWS cloud environments, ensuring adherence to security best practices
- Investigate and support incident response and threat analysis activities
- Perform log analysis and correlate events to identify potential threats
- Contribute to vulnerability management processes, including identification, prioritization, and remediation tracking
- Collaborate with cross-functional teams to improve overall security posture
- Support containerized environments using Docker and Kubernetes
- Use basic scripting (Python or Bash) to automate tasks and improve efficiency
- Document findings, processes, and remediation actions clearly (Confluence/Jira)
- Proactively identify risks and recommend improvements to security controls and processes
- 3–5 years of experience in Security Operations, Cloud Security, or Cybersecurity roles
- Hands-on experience with:
  - AWS cloud platforms
  - CrowdStrike Falcon or similar EDR solutions
  - SIEM tools and log analysis
  - IDS/IPS technologies
- Basic understanding of cloud security principles and best practices
- Familiarity with Docker and Kubernetes environments
- Experience supporting incident response and security investigations
- Knowledge of vulnerability management processes
- Basic scripting skills (Python or Bash preferred)
- Strong analytical, troubleshooting, and problem-solving abilities
- Good communication and collaboration skills
- Ability to work onsite in Hermosillo, Mexico
- CrowdStrike Falcon Complete (Administrator) Certification
- Advanced certifications such as CISSP, CEH, or AWS Certified Security – Specialty
- Experience with DevSecOps practices, including automation and shift-left security
- Hands-on experience with Infrastructure as Code tools (Terraform, Ansible, Chef)
- Experience building security roadmaps and strategies
- Ability to translate technical risks and incidents for non-technical stakeholders (including C-level)
- AWS Cloud Platform
- CrowdStrike Falcon Complete (Cloud Security & Endpoint Protection)
- SIEM Solutions
- Vulnerability Scanners & IDS
- Abnormal (Email Security)
- Cloudflare (Warp/VPN) or similar
- Jira, Confluence, Slack
- Datadog
- Docker & Kubernetes
- Strong willingness to learn and grow in cloud security and SecOps
- Detail-oriented and team-focused mindset
- Excellent communication skills across technical and non-technical teams
- Proactive and self-driven problem solver
- Ability to thrive in a fast-paced, collaborative environment
- Adaptability to evolving technologies and security practices