Resideo is hiring a Cyber Security Architect/Engineer to be a senior technical leader within our Security Operations function. In this role, you will be responsible for advanced analytics, complex investigations, tool engineering, and driving SOC capability maturity. You will proactively identify and respond to sophisticated threats while guiding the SOC toward higher automation and intelligence-driven operations.
What You'll Do
- Continuously assess emerging threats and evaluate SOC tools, architectures, and workflows for improvement.
- Recommend and implement standardized, scalable approaches for SOC technologies and processes.
- Develop and enhance SLAs, KPIs, and operational reporting for security tooling and SOC effectiveness.
- Maintain and enhance SOC policies, documentation, and procedures.
- Lead identification, investigation, and remediation of advanced security events and incidents.
- Ensure audit trails and evidence-handling standards support incident investigation and regulatory requirements.
- Develop cybersecurity policies and DLP standards aligned with organizational risk posture.
- Manage and investigate data-loss events to ensure risks are mitigated.
- Execute and enforce security policy, exception management, and risk controls.
- Provide Tier 3 technical escalation support for SOC incidents and engineering issues.
- Collaborate closely with architecture, network, data center, HR, Legal, and third parties during investigations.
- Lead and contribute to complex cybersecurity and SOC modernization projects.
- Mentor and develop SOC engineers and analysts to strengthen capabilities.
- Provide leadership input into planning, deployment, and optimization of new and existing security initiatives.
- Lead SIEM, SOAR, and XDR engineering, correlation rule development, and detection content optimization.
- Drive automation design and orchestration to increase SOC efficiency and reduce response times.
- Lead deep-dive threat hunting, hypothesis-driven investigations, and adversary simulation.
- Guide cloud-native security monitoring and detection engineering.
What We're Looking For
- Minimum 5 years of cybersecurity or SOC experience.
- Excellent documentation and communication skills.
- Certifications: GSEC, Security+, CISSP (preferred or in progress).
- Deep understanding of network protocols, IDS/IPS, SIEM, firewalls, proxies, and DLP technologies.
- Strong understanding of incident response frameworks and advanced threat actor behaviors.
- Ability to prioritize in a dynamic, fast-paced environment.
- Advanced written and verbal English communication skills.
Nice to Have
- Experience with modern SOC engineering (SOAR automation, XDR implementation, cloud monitoring).
- Strong experience developing detection rules, tuning alerts, and engineering log ingestion pipelines.
- Proven ability to lead investigations involving advanced persistent threats (APTs).
- Additional certifications (GCIA, GCFE, GDAT, GCTI, etc.).
Technical Stack
- SIEM
- SOAR
- XDR
- IDS/IPS
- Firewalls
- Proxies
- DLP
Team & Environment
This role is a senior technical leader within the Security Operations function, reporting to the Cyber Security Director.
Benefits & Compensation
- Benefits that go beyond Mexican labor law, ensuring your well-being and peace of mind.
- A collaborative and inclusive work environment where your contributions are valued.
- Opportunities for continuous professional growth and skill development through training, mentoring, and challenging projects.
- Access to cutting-edge tools, resources, and a supportive team to help you excel.
- The chance to work with a global, innovative company shaping the future in its industry.
Work Mode
This position follows a hybrid work model.
Resideo is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.
