SNOC Engineer III

Job not on LinkedIn

🔥 8 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

DYOPATH

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2020

🔒 Cybersecurity

Cybersecurity • Cloud • IT Services

DYOPATH is a company dedicated to providing comprehensive IT solutions aimed at enhancing organizational performance and security. They offer a wide range of services including advanced security services, managed security, cloud services, IT outsourcing, and managed services. DYOPATH is focused on helping clients navigate the challenges of cyber threats, complex IT environments, and talent shortages. Their services are designed to be secure, always available, and aimed at improving communication, efficiency, and productivity within organizations. DYOPATH places a high priority on customer satisfaction and efficiency improvements, making them a trusted partner in IT success for large and small organizations alike.

📋 Description

• Drive continuous improvement within SNOC security operations by identifying opportunities to enhance monitoring, response workflows, automation, and operational efficiency • Serve as the primary escalation point for complex security incidents, providing advanced technical analysis and resolution support to the SNOC engineering team. • Support the development and maintenance of operational documentation including security runbooks, incident response procedures, investigation guides, and knowledge base articles. • Identify and analyze potential security risks, vulnerabilities, and suspicious activity across network, system, endpoint, identity, and cloud environments, recommending remediation actions. • Assist in strengthening security monitoring capabilities by improving detection logic, tuning alerts, and contributing to SIEM analytics rules and automation workflows. • Provide mentorship and technical guidance to junior SNOC engineers during investigations, troubleshooting, and incident response activities. • Support security compliance initiatives by ensuring operational activities, incident investigations, and response actions are properly documented to support audits and reporting. • Participate in validation and testing of incident response procedures, disaster recovery plans, and operational readiness exercises. • Act as the technical lead for high-severity security incidents, coordinating investigation activities and guiding containment, eradication, and recovery efforts. • Perform advanced threat analysis using SIEM, EDR, identity protection, and network telemetry platforms to identify malicious or suspicious activity. • Investigate complex security alerts and correlated incidents across endpoint, identity, email, cloud, and network security platforms. • Develop and refine detection capabilities including SIEM analytics rules, threat hunting queries, alert enrichment logic, and automated response playbooks. • Provide escalation support during major incidents, assisting with root cause analysis, containment strategies, and post-incident documentation. • Collaborate with engineering, infrastructure, and client teams to implement remediation actions and long-term risk mitigation strategies. • Support onboarding and integration of security telemetry from new platforms and security technologies into the monitoring environment. • Ensure security investigations, incidents, and operational actions are accurately documented within ticketing and case management systems.

🎯 Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, or related field preferred (or equivalent experience). • Preferred professional certifications: • GIAC (GCIH, GCIA, GCFA) • CompTIA CySA+ or CASP+ • Microsoft Certified: Azure Security Engineer Associate • AWS Certified Security – Specialty • Cisco CCNP or equivalent • Advanced knowledge of security operations, incident investigation, and threat detection methodologies. • Experience with SIEM and security monitoring platforms such as Microsoft Sentinel, Wazuh, SentinelOne, or similar technologies. • Strong understanding of networking fundamentals, endpoint security, identity protection, and cloud security environments (Azure, AWS, or similar). • Experience performing advanced log analysis, threat hunting, and alert triage across multiple telemetry sources. • Ability to troubleshoot complex security issues and provide leadership during high-severity operational events. • Strong written and verbal communication skills for both internal operational documentation and client-facing discussions. • Experience improving security monitoring through detection engineering, alert tuning, and security automation. • Familiarity with security frameworks, compliance standards, and operational security best practices.

🏖️ Benefits

• Aguinaldo (25 days – above legal requirement) • Vacation + 25% premium • IMSS + Major medical insurance (family included) • Monthly savings fund + pantry vouchers • Transportation assistance • Quarterly performance bonus opportunities • Paid life events leave (parental, marriage, bereavement)