SNOC Engineer III (Mexico)

Why You’ll Love Working Here

• Purpose with Passion – A culture guided by the L.O.V.E. philosophy (Living Our Values Every Day).
• Grow & Thrive – Certifications, security training, and professional development opportunities.
• Award-Winning Culture – Known for outstanding service internally and externally.
• Teamwork & Respect – A collaborative, uplifting environment where achievements are celebrated.

Benefits

• Aguinaldo (25 days – above legal requirement)
• Vacation + 25% premium
• IMSS + Major medical insurance (family included)
• Monthly savings fund + pantry vouchers
• Transportation assistance
• Quarterly performance bonus opportunities
• Paid life events leave (parental, marriage, bereavement)

Role Overview

• Location: Remote (Mexico)
• Schedule: 1st Shift (8a-5p CST); Monday through Friday
• Salary: 37,500 MXN (monthly)

Your Mission as a SNOC Engineer III (Security)

• Drive continuous improvement within SNOC security operations by identifying opportunities to enhance monitoring, response workflows, automation, and operational efficiency
• Serve as the primary escalation point for complex security incidents, providing advanced technical analysis and resolution support to the SNOC engineering team.
• Support the development and maintenance of operational documentation including security runbooks, incident response procedures, investigation guides, and knowledge base articles.
• Identify and analyze potential security risks, vulnerabilities, and suspicious activity across network, system, endpoint, identity, and cloud environments, recommending remediation actions.
• Assist in strengthening security monitoring capabilities by improving detection logic, tuning alerts, and contributing to SIEM analytics rules and automation workflows.
• Provide mentorship and technical guidance to junior SNOC engineers during investigations, troubleshooting, and incident response activities.
• Support security compliance initiatives by ensuring operational activities, incident investigations, and response actions are properly documented to support audits and reporting.
• Participate in validation and testing of incident response procedures, disaster recovery plans, and operational readiness exercises.

Security Operations

• Act as the technical lead for high-severity security incidents, coordinating investigation activities and guiding containment, eradication, and recovery efforts.
• Perform advanced threat analysis using SIEM, EDR, identity protection, and network telemetry platforms to identify malicious or suspicious activity.
• Investigate complex security alerts and correlated incidents across endpoint, identity, email, cloud, and network security platforms.