Security Monitoring, Detection and Response Engineer
About The Job
We are seeking a bilingual, experienced and highly skilled security operations professional to join our team as a Security Monitoring, Detection and Response Engineer.
The ideal candidate will have a strong background in monitoring, detection, and response.
You will be responsible for monitoring, analyzing, and responding to security events and incidents: detecting suspicious activity, classifying and escalating security incidents, integrating and verifying log sources, triaging incidents, and performing level‑1 incident response by running the security incident management playbooks.
This position is 100% remote in Colombia.
Key Responsibilities
- Implement, maintain and operate security monitoring systems and processes to detect potential security incidents.
- Operate Security Information and Event Management (SIEM) tools, including configuring alerts, use cases, dashboards, and reports to identify malicious activity and anomalies.
- Integrate log sources into the SIEM, providing high‑quality logs and normalized fields along with their documentation.
- Ensure continuous monitoring of network, system, and application logs to detect threats in real time, including using anomaly detection techniques.
- Fine‑tune detection rules and reduce false positives to generate high‑fidelity alerts.
- Report and document events and incidents.
Security Incident Response
- Participate in the incident response process definition, including preparation, detection, analysis, containment, eradication, recovery, and post‑incident activities.
- Manage level‑1 incident response, including detection, analysis, containment, eradication, recovery, and post‑incident activities.
- Respond to incidents reported by users and other sources.
- Block indicators of compromise in security platforms.
- Coordinate with internal and external stakeholders (IT, legal, communications, etc.) to ensure timely and effective handling of security incidents.
- Execute incident response playbooks, ensuring alignment with industry best practices and regulatory requirements.
- Participate in the improvement of monitoring tools and procedures to align with organizational goals and risk management strategies.
- Escalate incidents to level‑2 when necessary.
- Support regular simulations (tabletop exercises, red teaming) to enhance preparedness for potential cyber incidents.
Collaboration & Reporting
- Continuously improve the incident response process.
- Collaborate with cross‑functional teams (e.g., IT, development, operations) to align security practices with internal and external requirements.
- Support evaluation and selection of third‑party vendors or tools for monitoring, detection, and incident response, as well as for threat, vulnerability, and security infrastructure management.
- Provide regular status reports and metrics on monitoring, detection, and incident response activities (incidents, response times, trends, etc.).
- Provide detailed reports on level‑1 security incidents, including findings, root causes, impact analysis, actions taken, and lessons learned.
- Maintain clear and accurate records of security incidents for audit and compliance purposes.
Key Qualifications
- Bilingual (English - Spanish), B1/B2 level.
Education
- Bachelor’s degree in computer science.
- Post‑graduate degree in cyber/information security is a plus.
Certifications
- Certifications in incident response, threat hunting and/or security operations (e.g., GCIH, GCFA) are highly desirable.
- CEH and/or technical certifications related to threat intelligence, threat hunting and/or vulnerability management are highly desirable.
Experience
- 3+ years of experience in cybersecurity, with at least 2 years in a monitoring, detection and incident response role.
- Proven experience managing large‑scale security incidents and implementing incident response plans.
- Hands‑on experience configuring, operating and managing SIEM platforms (Splunk, QRadar, ArcSight, etc.) and other security/monitoring tools (e.g., firewalls, FWaaS, IPS, EDR/NDR/XDR, SWG, ZTNA, CASB, WAF/WAAP).
- Experience in cloud security is a plus (Azure, AWS, Google Cloud, etc.).
Skills & Competencies
- Strong knowledge of security incident management, threat detection, and response methodologies (e.g., NIST, SANS).
- Strong knowledge of network services and protocols, security protocols and technologies.
- Communication and presentation skills, with the ability to engage stakeholders.
- Ability to stay current and adapt quickly to new regulations, emerging security trends, tools, and technologies.
- Strong problem‑solving and analytical skills, with the ability to manage complex security challenges.
- Ability to remain calm under pressure and effectively manage high‑stress situations.
Seniority Level
Not Applicable
Employment Type
Full‑time
Industries
Real Estate, Financial Services, and Capital Markets
Referrals increase your chances of interviewing at Quetzal International Services by 2x