Mexico onlyAvertium is a cyber fusion and MXDR leader, delivering comprehensive security and compliance services to mid-market and enterprise customers. Our unique “Assess, Design, Protect” methodology addresses and improves security strategy, reduces attack surface risk, strengthens compliance, and provides continuous threat protection. Avertium maximizes customer security investments and enables customers to focus on growth, innovation, and business outcomes, while assuring that their security infrastructure is resilient and adaptive to evolving threats. That’s why customers trust Avertium to deliver better security, improved compliance, and greater ROI.
As a Cyber Security Specialist, this role supports 24x7 monitoring and response operations by identifying, validating, and escalating potential security incidents. Working as an active member of the Security Operations Center (SOC), the specialist uses SIEM, IDS/IPS, and endpoint detection tools to distinguish between benign activity and legitimate threats, ensuring accurate triage and timely containment actions.
The specialist performs initial investigations, reviews vulnerability findings, and assists with remediation verification to strengthen client environments. They contribute to trend analysis, help refine detection logic, and collaborate with senior analysts and engineering teams to improve SOC workflows and alert fidelity.
This position is ideal for those with foundational cybersecurity experience who are ready to apply their technical skills, analytical thinking, and professional judgment in a fast-paced environment. The specialist is expected to document findings clearly, follow established playbooks, and proactively stay informed about emerging threats and evolving security technologies while growing toward independent investigation responsibilities.
Knowledge, Skills and Abilities:
- Foundational Cybersecurity Knowledge - Demonstrates working knowledge of cybersecurity fundamentals, including confidentiality, integrity, and availability (CIA); access control concepts; and defense-in-depth strategies. Recognizes common attack types, tactics, and vulnerabilities, and applies this understanding to alert validation and triage.
- Networking and Operating System Fundamentals - Understands how core network protocols (TCP/IP, DNS, HTTP, etc.) and the OSI model relate to system communications. Utilizes this knowledge to identify abnormal network traffic and system behavior. Operates comfortably in multiple OS environments and interprets basic system and event logs.
- Security Tools and Technologies - Proficiently operates standard SOC monitoring tools such as SIEM, IDS/IPS, and EDR platforms. Collects, reviews, and interprets logs for indications of compromise. Uses vulnerability scanners and antivirus platforms to identify and verify potential risks.
- Cyber Defense and Detection Concepts - Applies detection methodologies to identify and validate anomalies and potential intrusions. Understands signature-based and behavioral detection models, and supports tuning or rule enhancement activities by providing relevant observations.
- Incident Response Awareness - Executes standard triage and response actions during security incidents in accordance with defined playbooks. Documents case findings accurately and escalates as appropriate based on impact and scope.
- Risk and Compliance Fundamentals - Recognizes how risk management and compliance frameworks (ISO, HIPAA, PCI DSS) apply to SOC operations. Identifies and reports deviations from policies or standards and participates in routine evidence gathering.
- Cryptography and Data Protection - Understands core encryption and key management principles, including proper handling of sensitive data. Applies privacy standards when managing logs or data that include PII, PHI, or PCI information.
- Analytical and Problem-Solving Skills - Analyzes event data to determine patterns and relationships between security alerts. Applies logical reasoning and investigative methodology to identify root causes and assist with containment or remediation.
- Communication and Documentation Skills - Produces clear, concise, and accurate documentation within ticketing and reporting systems. Communicates technical findings effectively to peers and supervisors, ensuring continuity of investigations across shifts.
- Professional and Ethical Conduct - Adheres to Avertium and client security policies, confidentiality agreements, and data handling standards. Models responsible cyber hygiene and professional integrity in all actions and communications.
- Continuous Learning and Adaptability - Pursues ongoing development through internal training, certifications, and peer mentorship. Actively incorporates feedback from senior analysts to improve analytical efficiency and technical acumen.
Certifications:
- Required (or be able to obtain): Microsoft SC200, Sentinel 1 SIREN
- Desirable: Microsoft AZ500
- Example additional considerations or equivalents such as (not all inclusive): A+/Network+, CCT, DFE, CSA, GISF, ECSS
United States
