CYBERSECURITY AND NETWORK MANAGER

The main objective of the position is to ensure that the organization can prevent, detect, respond, and recover from threats and vulnerabilities in the current digital environment. Safeguarding digital assets and sensitive information of our organization, protecting the confidentiality, integrity, and availability of data and critical systems, as well as minimizing security risks and incidents.

Key Responsibilities:

• Implement the Information Security strategic plan (policies and strategic objectives) and verify compliance.
• Preserve the confidentiality, availability, and integrity of information and the security of technological infrastructures, systems, and supporting applications.
• Support internal and external audits.
• Project management within the area (participate in new initiatives to define security requirements, provide support to ensure systems have appropriate security levels for the assets they support).
• Coordinate and develop your work team.
• Define and monitor the implementation of security measures, identifying information vulnerabilities and risks.
• Establish security measures.
• Manage incident response and forensic analysis.
• Implement corrective measures.
• Plan the development and implementation of protection mechanisms.
• Official Compliance Officer for LFPDP (Monitor, control, and evaluate compliance with legal security and data privacy requirements).
• Promote awareness and training activities on Security aspects.
• Measurement and monitoring of management indicators.
• Implement and collaborate in the continuous improvement of an information acquisition system on risks, vulnerabilities, and security incidents, allowing the collection of statistics and risk factor analysis for the company.
• Monitoring and tracking of cybersecurity indicators.
• Knowledge of Information Security regulations and standards (e.g., ISO 27000, ISO 22301, ISO 27017, ISO 27701, PCI-DSS, etc.).
• General knowledge of current regulations applicable in Mexico regarding security, privacy, data protection, and environmental protection.
• Training and generic knowledge about regulations and standards in other areas of information security.
• Identify and evaluate security risks for the organization's information systems and data.
• Lead and coordinate the response to security breaches or incidents.
• Carry out training programs to educate staff on best security practices.
• Conduct periodic security evaluations and audits.
• Evaluate and manage security risks associated with external relationships.
• Security configurations in EDR, NGFirewall, WAF, and Load Balancer.
• Strong knowledge in NGFW, WAF, IDS, IPS, Anti-spam, 2FA, Pentesting.

Requirements:

• Degree in Computer Science, Systems Engineering, Information Security, or related fields.
• Deep knowledge of concepts such as TCP/IP, LAN/WAN, Networking, firewalls, security protocols, vulnerability management, and incident response across different attack vectors.
• Practical experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and cybersecurity platforms.
• Preferably with relevant certifications (e.g., CCNA, CCNP, CEH, CISSP, etc.).
• +5 years of experience in the field.
• Advanced English proficiency.
• Knowledge of security standards such as ISO 27001, PCI DSS, or SOC2 Type 1 and 2.
• Audits experience.

We Offer: In-site

• Salary of $50,000 nominal.
• Legal benefits.
• 100% IMSS coverage.
• Subsidized dining.
• Direct hiring by the company.
• Opportunity for development and growth within the company.