Security Monitoring Engineer (Santiago de Querétaro)

Bosal GroupBOSAL is a Dutch privately owned company, mainly known as a general Tier 1 automotive supplier, in business since ****. We employ about **** people in 16 production facilities of which the largest ones are situated in Czechia, Mexico, Turkey, Brasil, US and South Africa. Our corporate research center is based in Belgium, next to that we run 5 other R&D; satellites worldwide.Currently we are looking for a Security Monitoring Engineer in Querétaro (Mexico):As a Security Monitoring Engineer, you are responsible for building and operating centralized security monitoring and incident detection capabilities. You design and implement a SIEM platform from scratch and ensure effective detection and response across the organization's IT landscape.Your responsibilities: Designing, implementing, and operating a SIEM platform (e.g. Microsoft Sentinel or equivalent). Onboarding and normalizing logs from: Palo Alto firewalls and Prisma Access. Cisco switches, WLC's, ISE, and Catalyst Center. Windows and Linux servers. Microsoft 365 and identity services. Critical applications and SaaS platformsDefining, prioritizing and maintaining detection use cases aligned with asset criticality and risk.Developing and maintaining detection rules and use cases.Designing and documenting incident response workflows and playbooks.Correlating incidents with asset criticality and vulnerability and exposure data.Supporting TISAX evidence for monitoring, logging and incident handling.Continuously improving detection coverage and reducing false positives.Ensuring monitoring and incident response capabilities are demonstrably effective and audit-ready.Your profile: Skills:Experience with SIEM platforms, such as Sentinel, Splunk or similar.Strong knowledge of log ingestion and parsing (syslog, API's). Expertise in security monitoring and detection engineering.Experience with Windows and Linux logging.Knowledge of network and firewall logging concepts.Relevant certifications are considered as an asset.Experience:4+ years in security operations or SOC‐related roles.Experience building or significantly extending SIEM platforms.Experience in heterogeneous environments (network, servers, cloud). Experience with incident response processes.Do you have an entrepreneurial mindset and do you want to invest in your career? Then we offer an inspiring job in an unique environment with an interesting remuneration package with additional benefits.More information? Are you interested or do you want more information about this position? Then apply via the Linkedin apply button. Postúlate en Kit Empleo: kitempleo.com.mx/empleo/5uqvdf