Principal SOC Engineer - Remote from CDMX

Mexico City, CDMX, Mexico

Nearshore Cyber


Principal SOC Engineer - Remote from Mexico City

Location: Remote from Mexico City, Monterrey, Querétaro, Guadalajara, or the Philippines

Employment Type: Permanent, Full-Time
Shift: Days in local time zone

We are seeking a Principal SOC Engineer on behalf of our client, a fast-growing cybersecurity company specializing in Managed Detection and Response (MDR) for US-based startups. This role is ideal for a highly technical professional who thrives in a remote, collaborative, and dynamic environment.

Role Overview

This position focuses on engineering and integration within a small, specialized team. You will primarily work with tools like Microsoft Sentinel, SentinelOne, and potentially Panther, with minimal responsibilities for intrusion analysis and incident response.

Key Responsibilities

  • SIEM/EDR Expertise: Deploy, maintain, and optimize tools such as Microsoft Sentinel, SentinelOne, and other relevant platforms.
  • Detection Rule Development: Write and tune detection rules to minimize noise while maximizing actionable signals. Stay updated on emerging threats and ensure coverage.
  • Python and Automation: Develop scripts to integrate unsupported data sources into Panther or other platforms. Familiarity with CI/CD pipelines and Git is preferred.
  • Cloud and Systems Knowledge: Operate in environments with AWS, Kubernetes, macOS, Google Workspace, and Okta. Understand Kubernetes Sigma rules and have basic Terraform experience.
  • Documentation: Contribute to the internal wiki by documenting workflows, configurations, and processes.
  • Independent Problem-Solving: Work autonomously, with regular check-ins, to meet objectives and solve challenges.

Preferred Skills and Qualifications

  • Deep technical knowledge with strong Python skills.
  • Experience with at least one SIEM and one EDR platform (e.g., Microsoft Sentinel, SentinelOne, CrowdStrike, Defender ATP).
  • Knowledge of Linux systems and cloud-based environments.
  • Comfortable with detection rule writing, tuning, and noise filtering.
  • Familiarity with startup environments, remote work, and small team dynamics.
  • An appetite for learning and adaptability to new technologies.

What Sets You Apart

  • Experience with Panther (preferred but not required).
  • Hands-on Terraform use or understanding.
  • Demonstrated ability to use and integrate APIs for automation.
  • Enthusiasm for contributing to a knowledge-sharing culture.

About Our Client

Our client values individuals who are passionate about technology, self-motivated, and eager to learn. You will have the opportunity to work on cutting-edge projects with innovative startups in a supportive, flexible environment.


Tags: APIs Automation AWS CI/CD Cloud CrowdStrike EDR Incident response Kubernetes Linux MacOS Okta Python Sentinel SIEM SOC Terraform

Perks/benefits: Startup environment

Regions: Remote/Anywhere North America
Country: Mexico
