Incident Response Engineer
OTTO Motors
Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!
Job Description
We are looking for an experienced Incident Response Engineer to join our Cyber Security Incident Response Team (CSIRT). In this role you will be responsible for advanced threat detection, incident response, and security operations, ensuring the integrity and availability of enterprise systems. You will be an escalation point for complex security incidents, lead investigations, and contribute to the continuous improvement of cybersecurity processes and defenses.
This role reports to the Global Incident Management Leader.
Your Responsibilities:
- Threat Detection & Incident Response
- You will lead the investigation, containment, eradication, and recovery of advanced cyber threats and security incidents.
- You will be the final escalation point for Level 1 and Level 2 analysts, providing guidance and mentorship.
- You will use threat intelligence, SIEM platforms, EDR solutions, and other security tools to triage, analyze, and contain security events.
- You will conduct root cause analysis (RCA) and forensic investigations to determine attack vectors, scope, and impact.
- You will develop and implement advanced detection rules, correlation searches, and threat hunting playbooks.
- Security Operations and Monitoring
- You will oversee real-time monitoring of security alerts and ensure rapid response to potential threats.
- You will tune and improve security monitoring tooling, including SIEM, SOAR, and EDR solutions.
- You will perform proactive threat hunting to identify undetected malicious activities.
- Threat Intelligence & Research
- You will analyze new threats, vulnerabilities, and attack techniques to improve defenses.
- You will use threat intelligence platforms (TIPs) and external frameworks such as MITRE ATT&CK to map adversary tactics, techniques, and procedures (TTPs) and enhance security posture.
- You will work with internal functions and external partners to support risk assessments that validate detection capabilities and response procedures.
- Security Engineering & Automation
- You will develop and fine-tune security rules, alerts, and automation playbooks to improve efficiency and reduce false positives.
- You will help design and improve security controls across cloud and on-premises environments.
- You will collaborate with DevOps and IT teams to implement secure configurations and best practices.
- Compliance and Reporting
- You will ensure adherence to security policies, regulatory requirements, industry frameworks and standards (NIST, ISO 27001, CIS), and best practices.
- You will prepare detailed reports and post-incident documentation for executive leadership and partners.
- You will participate in security audits, risk assessments, tabletop exercises, and post-incident activities.
The Essentials - You Will Have:
- Education: Bachelor's degree in Cybersecurity, Computer Science, Information Security, or a related field (or equivalent experience).
- Certifications:
- Required: at least one of Security+, CySA+, or SSCP
- Preferred: CISSP, CISM, CEH, GCIH, GCFA, GCIA, OSCP
The Preferred - You Might Also Have:
- At least five years of hands-on experience in cybersecurity operations, a SOC, or threat intelligence.
- Technical Skills and Expertise
- Proficiency with SIEM platforms (Microsoft Sentinel or other SIEMs).
- Experience with EDR/XDR solutions (CrowdStrike, Microsoft Defender for Endpoint).
- Hands-on experience with IDS/IPS, SOAR (for example Microsoft Sentinel playbooks), and analysis tools such as Wireshark and VirusTotal.
- Knowledge of email security platforms (Proofpoint) and threat intelligence frameworks (MITRE ATT&CK, Cyber Kill Chain).
- Familiarity with cloud security (AWS, Azure, GCP) and container security (Kubernetes, Docker).
- Proficiency in scripting & automation (Python, PowerShell, Bash) for security automation.
- Experience with network security, firewalls, and intrusion detection systems.
What We Offer:
Our benefits package includes …
- Comprehensive mindfulness programs with a premium membership to Calm
- Volunteer Paid Time off available after 6 months of employment for eligible employees
- Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
- Employee Assistance Program
- Personalized wellbeing programs through our OnTrack program
- On-demand digital course library for professional development... and other local benefits!
Under Rockwell Automation’s hybrid policy, employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.