**Job Summary**: The Cybersecurity Engineer is an expert cybersecurity professional tasked with managing and supporting complex client operating system environments. This role ensures high levels of system availability and performance while addressing sophisticated security threat incidents. The SOC Engineer plays a critical role in enhancing the organization's cybersecurity defenses through advanced threat detection, incident response, and security infrastructure management.

**Responsibilities**:

**Experience**:
- Minimum of 3+ years of experience in cybersecurity, with at least 2 years in a SOC Analyst role.
- Demonstrated expertise in managing and responding to complex security incidents.
- Experience in advanced threat hunting and implementing robust security measures.

**Education**:
- Bachelor's degree in Computer Science, Engineering or IT, or equivalent working experience.
- At least one of the following certifications: GIAC Certified Incident Handler, Microsoft (AZ-500, SC-200 or SC-300), AWS (Security Specialty), EC-Council (Ethical Hacker, Network Defense) or a similar certification.
- Additional certifications are advantageous.

**Technical Skills**:
- Knowledge of infrastructure operations management.
- Knowledge of patching and remediation cycles.
- Knowledge of Active Directory services (on-premises and Azure).
- Proven experience in cybersecurity engineering, with a strong understanding of networking protocols, security architecture, and the threat landscape.
- Experience with security tools such as firewalls, intrusion detection/prevention systems, antivirus software, SIEM solutions, and penetration testing tools.
- Knowledge of Security Incident Management.
- Microsoft Security Associate certification (one of the following: SC-200, SC-300, or AZ-500).
- Knowledge of IT Security Auditing.
- Strong problem-solving skills and the ability to analyze complex technical issues.
- Knowledge of NIST 800-53, CIS Controls, ISO 27000, PCI DSS and GDPR.

**Additional Requirements** (depending on role):
- Excellent communication skills.
- On-call availability.
- Flexible schedules.

**Required Technical Proficiencies**:
- Monitoring & Analysis Tools: Advanced proficiency with SIEM platforms (e.g., MS Sentinel), EDR solutions, and other security monitoring tools.
- Incident Response Techniques: Expertise in incident handling, containment, eradication, and recovery techniques.
- Malware Analysis: Advanced skills in analyzing and dissecting malware to understand its behavior and impact.
- Ability to map security incidents and adversary tactics, techniques, and procedures (TTPs) to the MITRE ATT&CK matrix.

**Language Skills**:
- English and Spanish (oral and written, 85% or higher; C1+ or above).

**Skills and Experience**:
- Provide advanced L3 analysis of security events and alerts using SIEM tools.
- Design, implement, and maintain security measures to protect digital systems, networks, and data from unauthorized access, cyberattacks, and other security breaches.
- Manage firewalls, intrusion detection/prevention systems, and other security infrastructure components to ensure optimal protection.
- Collaborate with development teams to address and remediate identified vulnerabilities.
- Support and help expand SSO platform integrations and our user access management lifecycle.
- Assist with responding to and managing any Security Information Gathering (SIG) questionnaires, required compliance audits and/or maturity assessments from third parties.
- Educate our users on cybersecurity best practices and manage our cybersecurity awareness training and phishing assessment programs.
- Communicate effectively and perform due diligence to get to the root cause of any issue.
- Assist with the design, development, documentation, and enforcement of new and existing information security processes, procedures, and policies.
- Collaborate with the IT and HR teams to ensure IT asset management and employee onboarding/offboarding lifecycle(s) are secured.
- Participate in an on-call rotation as needed to support both local and remote users.