SNOC Engineer
Location: Mexico

Job Description
About DYOPATH: DYOPATH is an award-winning cloud, security, and managed IT infrastructure provider that helps organizations manage technology complexity with operational clarity. Guided by our core L.O.V.E. philosophy (Living Our Values Every Day), we deliver data protection, infrastructure governance, and proactive security operations center (SOC) services to clients globally. DYOPATH maintains a collaborative, supportive, and growth-oriented remote-first workplace that celebrates team milestones and invests in continuing engineering certifications and technical advancement.
Position Overview
We are seeking a highly autonomous, systems-fluent, and technically advanced SNOC Engineer III (Security) to serve as our tier-three incident mitigation lead in a permanent, full-time remote role open exclusively to candidates in Mexico. Working a fixed 1st Shift schedule (8:00 AM to 5:00 PM CST, Monday through Friday), you will act as the principal engineering authority and technical lead for high-severity security incidents inside our unified Security Network Operations Center (SNOC). This is not a routine support role: rather than staffing customer support phone lines, performing checklist data updates, or installing software, you will spend your time tuning multi-tenant SIEM analytics rules, designing threat-hunting queries, and containing incidents in cloud environments. Partnering directly with cross-functional infrastructure teams, engineering directors, and external client technical teams, you will strengthen our overall defensive security posture. This position calls for a seasoned cybersecurity professional with extensive hands-on experience who works fluently across defensive infrastructure, security operations, technical support, and technical writing, builds automated playbooks, and provides rigorous mentorship to junior security responders.
Key Responsibilities
- Incident Response & Threat Governance: Serve as the principal escalation point and technical lead for high-severity security threats, orchestrating real-time endpoint containment, eradication, and recovery in line with established incident response frameworks.
- Advanced Telemetry & Log Analysis: Conduct deep-dive threat analysis, log parsing, and alert triage across distributed telemetry sources, using security monitoring platforms such as Microsoft Sentinel, Wazuh, or SentinelOne.
- Detection Engineering & Automation: Develop, tune, and refine detection logic, SIEM analytics rules, automated enrichment scripts, and playbooks to continuously reduce false positives and alert fatigue.
- Infrastructure Risk Assessment: Investigate and isolate security vulnerabilities, network indicators of compromise (IOCs), and suspicious identity activity across complex hybrid environments, and recommend long-term remediation actions.
- Operational Knowledge Base Engineering: Author, review, and maintain comprehensive infrastructure documentation, including incident response playbooks, investigative runbooks, and audit-ready report templates.
- Tier-Three Engineering Support: Deliver escalation troubleshooting and technical guidance to customer IT teams during high-stakes operational security events.
- Junior Technical Mentorship: Mentor junior SNOC engineers, including hands-on guidance on scripting and query design during behavioral investigations and compliance tracking.
- Compliance Optimization & Readiness: Support internal and external security audits by ensuring every response action is fully documented in the ticket and case management system.
Required Skills & Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related technical field (or verified equivalent practical experience).
- At least 4 years of professional experience in a high-volume Security Operations Center (SOC) or network security team, with a documented history of managing complex incident investigations.
- Expert SIEM & EDR Platform Command: Hands-on track record of constructing search queries, engineering alert parameters, and parsing infrastructure event records in platforms such as Microsoft Sentinel, Wazuh, or SentinelOne.
- Solid working knowledge of core networking fundamentals, endpoint security tools, identity and access protection architecture, and multi-tenant cloud ecosystems (Microsoft Azure and/or AWS).
- Outstanding written and verbal communication skills in English, with an established background producing clear, scannable technical documentation and leading technical client advisory calls.
- Shift & Schedule Alignment: Availability to work a fixed Monday through Friday schedule, 8:00 AM to 5:00 PM CST (Central Standard Time), from your home workspace.
- Location Context: This remote position is open exclusively to qualified cybersecurity and threat hunting professionals residing permanently in Mexico.
Preferred Qualifications (Nice to Have)
- Industry-standard professional certifications, such as **GIAC (GCIH, GCIA, GCFA), CompTIA CySA+, CASP+, Microsoft Certified: Azure Security Engineer Associate, AWS Security Specialty, or Cisco CCNP**.
- Hands-on experience using advanced query languages or automation scripts to accelerate log parsing or playbook integration.
- An adaptable, analytically sharp mindset marked by intellectual curiosity, independent judgment, and a drive to protect complex multi-cloud systems against sophisticated threats.
What We Offer
- Compensation: A competitive fixed salary of 37,500 MXN monthly, supplemented by quarterly performance bonus opportunities.
- 100% remote work from anywhere in Mexico, with no daily office commute.
- Ownership of the detection rules, incident runbooks, and security automation workflows that protect global customer cloud environments.
- Comprehensive health benefits, including IMSS registration and Major Medical Insurance with full coverage for your family.
- An award-winning corporate culture featuring a 25-day Aguinaldo (above the legal minimum), annual vacation accrual with a 25% vacation premium, monthly savings fund matching, pantry vouchers, transportation assistance, and fully paid leave for life events (parental, marriage, bereavement).