Job Description
RCube IT Mexico is hiring a SOC Engineer for a 6+ month contract. The ideal candidate will have extensive experience in SOC environments, threat detection, and incident response, with expertise in Palo Alto Cortex XDR and XQL queries.
Responsibilities:
- Manage SIEM, EDR, and IDS/IPS tools to monitor and detect security threats.
- Utilize Palo Alto Cortex XDR and XQL queries for in-depth security analysis.
- Conduct proactive threat hunting and implement incident response strategies.
- Integrate threat intelligence feeds into security tools for enhanced threat detection.
- Develop correlation rules within SIEM to detect sophisticated attack patterns.
- Automate security operations using Python or PowerShell.
- Analyze user behaviors and network traffic to identify suspicious activities.
- Configure, fine-tune, and optimize SOC tools for maximum efficiency.
- Utilize machine learning and behavioral analytics to detect anomalies.
- Maintain strong vendor relationships for security solution management.
Job Requirements
• Extensive SOC experience in threat detection, incident response, and threat hunting.
• Hands-on experience with Palo Alto Cortex XDR and XQL queries.
• Proficiency in SIEM (Splunk), EDR (Cortex), and IDS/IPS (Snort, Suricata).
• Knowledge of cloud, network, and application security.
• Strong scripting skills in Python and PowerShell for security automation.
• Experience with the MITRE ATT&CK framework for advanced threat detection.
• Strong analytical, problem-solving, and communication skills.
Preferred Qualifications
• CISSP, CISM, CEH, OSCP, or GIAC certifications.
• Experience in the Biotech/Pharma industry is a plus.
• Ability to work in a fast-paced SOC environment and adapt to emerging threats.
Apply Now! Send your resume.
About the Company
RCube IT Mexico is a leading IT and cybersecurity services provider, offering cutting-edge security solutions to safeguard businesses from evolving cyber threats.