SOC Analyst Remote WFH Argentina

at  Nearshore Cyber

We are seeking a highly skilled and motivated SOC Analyst/Security Analyst to join our team. The ideal candidate will have a strong background in cybersecurity, with experience in threat detection, incident response, and security operations.
Candidates must be located in Latin America. Applications from outside of LATAM will not be accepted.

CORE SKILLS REQUIRED:

• Knowledge of security monitoring architecture and expert knowledge in the SIEM & EDR technology space
• Malware investigation and triage. Reverse engineering is not required.
• Strong understanding of network security principles, protocols, and technologies
• Experience with SIEM platforms such as Elastic
• Excellent analytical and problem-solving skills
• Effective communication skills, both written and verbal
• Ability to work independently and collaboratively in a fast-paced environment
• Ability to design and apply techniques for detecting host and network-based intrusions using intrusion detection technologies for both cloud and on-premise infrastructures
• Ability to automate repeating tasks within security operations
• Knowledge of cloud security principles
• Knowledge of computer networking concepts and protocols, as well as network security methodologies.
• Knowledge of cybersecurity and privacy principles, cyber threats, and vulnerabilities.
• Knowledge of key concepts in security management (e.g., Vulnerability Management, Patch Management).
• Knowledge of system administration, network, and operating system hardening techniques.
• Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Capability to lead the continuous improvement of our Detection & Response capabilities.

Requirements:

• 3+ years of proven experience working in a SOC or similar cybersecurity role
• Security-related certifications
• Experience with Elastic Stack (Elasticsearch, Logstash, Kibana) and an EDR/EPP product like SentinelOne
• Security-related accreditation from reputable organizations such as SANS Institute or ISC2
• Familiarity with scripting languages such as Python or PowerShell for automation tasks
• Experience with cloud security platforms (AWS, Azure, GCP)

• Monitor security alerts and respond to security incidents in real-time
• Conduct security investigations and analysis to identify and mitigate potential threats
• Perform regular security assessments and vulnerability scans
• Develop and maintain security documentation, including incident response plans and standard operating procedures
• Collaborate with other team members to enhance security posture and implement security best practices
• Stay up-to-date with the latest cybersecurity trends, threats, and technologies
• Draft regular status reports about KPIs/SLA fulfillment
• Monitors the health of customer security sensors and SIEM infrastructure
• Collects data and context necessary to initiate Level 2 escalation
• Delivers scheduled and ad-hoc reports
• Reporting to internal teams
• Develop use cases and workflows
• Ongoing learning of new technologies
• Any other task given by the direct manager