Cybersecurity Analyst – Security Operations

WHAT MAKES US A GREAT PLACE TO WORK

We are proud to be consistently recognized as one of the world’s best places to work. We are currently the top-ranked consulting firm on Glassdoor’s Best Places to Work list and have earned the #1 overall spot a record seven times. Extraordinary teams are at the heart of our business strategy, but these don’t happen by chance. They require intentional focus on bringing together a broad set of backgrounds, cultures, experiences, perspectives, and skills in a supportive and inclusive work environment. We hire people with exceptional talent and create an environment in which every individual can thrive professionally and personally.

WHO YOU’LL WORK WITH

You’ll join our Enterprise Technology team, part of Bain’s digital capabilities practice. In this multidisciplinary group, you’ll help modernize our technology strategy, architecture, and systems—aligning technology with business goals to drive efficiency, agility, and innovation. You’ll collaborate across teams to strengthen our security posture and ensure scalable, resilient operations that support Bain’s global business.

WHERE YOU’LL FIT WITHIN THE TEAM

As a Security Operations Analyst within our Cyber Operations function, you’ll play a critical role in safeguarding Bain’s digital assets and protecting the integrity of our systems and data. You’ll help ensure that security measures align with business strategy, regulatory requirements, and industry best practices. Depending on team needs and your expertise, you may contribute across multiple security disciplines or specialize in a specific area.

WHAT YOU’LL DO

Security Monitoring (40%)

•    Monitor security systems, logs, and alerts to identify potential incidents or vulnerabilities

•    Manage and optimize tools such as SIEM platforms, intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint protection, and antivirus solutions

•    Research and incorporate emerging threat intelligence, vulnerabilities, and attack techniques into monitoring processes

Incident Detection & Analysis (50%)

•    Investigate and analyze security threats, including malware, unauthorized access attempts, and potential data breaches

•    Assess severity and business impact, escalating and responding appropriately

•    Execute and enhance incident response playbooks to contain threats and restore normal operations

•    Prepare regular and ad hoc reporting on incidents, trends, and risk exposure

•    Ensure security controls are maintained and validated in alignment with internal policies

Professional Development & Innovation (10%)

•    Stay informed on evolving cybersecurity trends and technologies

•    Collaborate with security, IT, and business stakeholders to continuously improve Bain’s security posture

•    Contribute to automation and process improvement initiatives

•    Pursue relevant professional certifications and training

ABOUT YOU

Must have:

•    3–5+ years of experience in security operations, incident response, or related cybersecurity roles

•    Hands-on experience with SIEM platforms (e.g., Splunk) and endpoint detection and response (EDR) tools (e.g., CrowdStrike, Windows Defender, or similar)

•    Experience working with core security technologies (e.g., firewall, IDS/IPS, SIEM, EDR, AV, DLP, CASB)

•    Familiarity with common security frameworks (e.g., NIST, ISO, CIS, CSA)

•    Experience investigating and responding to security incidents

•    Strong analytical and problem-solving skills in fast-paced environments

•    Ability to clearly document findings and communicate technical concepts to diverse stakeholders

•    Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience)

Nice to have:

•    Experience with vulnerability and attack surface management tools

•    Exposure to threat intelligence platforms, deception technologies, or vendor risk scoring tools

•    Experience designing or implementing endpoint security controls (e.g., EDR, AV)

•    Experience automating security controls or scripting repetitive tasks

•    Experience working with cloud security control frameworks (e.g., NIST CSF, CSA)

WORKING MODEL

This role follows a hybrid model, requiring in-office presence at least two days per week at our Polanco office in Mexico City.