👋 Schedule a meeting and start enabling new business with your cybersecurity
Enter your corporate email. Our solutions are specifically designed for companies.

By clicking Submit, you agree that Delta Protect may store and process the personal information provided above in accordance with the privacy policy set forth in the Privacy Notice.

🙌 Thank you for contacting us!
📩 We have sent you an email with the following steps, don't forget to check your inbox
Oops! Something went wrong while submitting the form.

"Our recent experience with Delta Protect in pentesting was exceptional. They provided crucial assistance in identifying and strengthening security issues in a variety of systems and interfaces, spanning front-end, back-end and mobile applications. Their agile and highly professional approach was remarkable. We would certainly trust Delta Protect again to ensure the integrity of our systems."

Manuel Andere
Co-founder & CTO - Sofia

"Working with Delta Protect exceeded expectations. Their clear communication, direct Slack support channel and technical advice gave us confidence at every step. Thanks to their penetration tests and the included retest, we were able to reach an enterprise grade level, which opened up new opportunities for us in Latin America. The professionalism and human fluency of their team make the difference."

Federico Harraca
CTO & Co founder - Sensify

"Thanks to the partnership with Delta Protect, Atrato has made significant progress towards ISO 27001 certification, significantly strengthening its security and compliance. Delta's ongoing support and expert advice, combined with the innovative Apolo platform, have been instrumental in accelerating and optimizing our roadmap, enabling us to effectively meet and overcome any information security challenges."

Sergio Garcia
Engineer Manager

"After 3 months of effective collaboration with Delta Protect, we are impressed with the results and coverage of the CISO As a Service Pentesting program. We have detected and addressed key vulnerabilities, significantly improving our information security. The Cybersecurity trainings and Phishing exercises have been crucial in increasing the awareness of our employees. We appreciate Delta Protect's continued monitoring and support and look forward to achieving more goals together."

Pablo Padilla
IT Manager

"Our collaboration with Delta Protect marked a milestone in our digital security. Their meticulous and detailed approach to Pentest revealed hidden vulnerabilities that had gone unnoticed, demonstrating impressive efficiency and speed in their resolution. In addition, their CISOaaS service transformed our cybersecurity strategy, where their expert team guided us in developing robust policies and effective processes."

Jaime Zenizo
CEO & Partner

"I am very pleased to relate the positive and enriching experience we have had with Delta Protect and their outstanding Chief Information Security Officer as a Service (CISOaaS). Representing Sperientia's IT department, I would like to express my deep gratitude and appreciation for the high level of quality and professionalism evidenced in our collaboration with the Delta Protect team. Since the inception of our partnership with Delta Protect, we have seen exceptional commitment and excellence, far exceeding our expectations."

Ilse Fernandez
Data and Information Management

"My experience with Delta Protect's team of specialists has been tremendously positive. At all times, they have shown a high degree of professionalism, expertise and knowledge, and have handled themselves with impeccable ethics. Their attention to detail and willingness to solve problems and provide support has been indispensable. As a CISO, I greatly value having such reliable and competent allies, who contribute significantly to strengthening my company's cybersecurity posture."

Enrique Guzman
Chief Information and Security Officer

I am absolutely impressed with the experience provided by Delta Protect. They are, without a doubt, the most responsive and responsible provider we have had the pleasure of working with.

Erick Perez
Chief Executive Officer

"Delta Protect was an optimal solution for us. We were looking for a supplier that was technically up to date, understood our business model and gave us the certainty of being able to transmit solidity to our clients. The Delta team's treatment and their processes have exceeded our expectations, we will certainly continue to work together."

Joaquin Rivera
Co-Founder & CEO - Kikoya

"The overall experience of working with Delta Protect has been simply excellent! The team responds with speed, they clarify all questions as they arise and the support provided throughout the process is excellent. I would recommend without hesitation."

Paolo Rizzi
Co-Founder & CTO - minu

"Delta Protect's service is highly professional. We were very satisfied with the result. They offered accompaniment at all times to find and fix the vulnerabilities they found in our system."

Alberto Navarro
Head of Product - Arkángeles
Return to

SOC Manager

Hybrid

Delta Protect

At Delta Protect we make Cybersecurity and Compliance accessible, automated and actionable for companies throughout Latin America. We accompany our clients in certifications such as ISO 27001, PCI DSS, SOC 2, HIPAA, integrating Pentesting, Threat Detection, Cyber Intelligence and 24/7 Security Operations with a technical, human and business approach.

From Micro-enterprises, to unicorns 🦄 we believe that Cybersecurity and Compliance is for everyone.

Our Impact

  • +300 companies trust us 🔒.
  • +500 successful projects delivered ⚙️
  • +15K endpoints monitored in real time 📡
  • +1K critical vulnerabilities detected and corrected 💪
  • +1M of exposed data detected on the dark web 👁️
  • +7 countries with protected customers 🌎
  • +6 years transforming cybersecurity in LATAM 🚀.

Why join Delta?

Cyberattacks have increased by more than 400% since the 🦠 pandemic, and companies are the main target. Our purpose is clear: to protect LATAM's business fabric from the next cyber pandemic... and we want you to be part of the team building this defense. 🌎

What do we offer you?

  • 🧠 High Performance Team: you will learn more in 3 months than in 1 year elsewhere .
  • 1200 USD for personal development
  • 🩺 Major and minor medical insurance
  • 💻 Hardware included
  • 🚗 Transportation with Uber for face-to-face activities.
  • 🏝️ Flexible, results-oriented vacations
  • 🏡 Hybrid work
  • Culture in pursuit of excellence, results-oriented.

How does the process work?

  1. Apply in our application form 📩
  2. If your profile fits, you'll get an initial screening call 🤝
  3. We will send you a technical or practical challenge ⚙️
  4. You will present your solution to the area leader in a video call💡
  5. You will have a session with the Head of People to assess cultural fit 🧩
  6. Finally, you will talk to the founders of Delta Protect 🚀.

About the role‍

At Delta Protect, we are looking for our next SOC Manager with a three-pronged mission: to build, automate, and defend.

He leads the dSOC for Google SecOps (Chronicle SIEM + SOAR) and Google Threat Intelligence, designing it as an agent-based SOC where Claude, Gemini, and n8n operate as front-line analysts supervised by humans. He also leads Incident Response and Digital Forensics (DFIR) as a unique offering of Delta Protect in Latin America.

He is an architect first and an operator second, and an operator first and a manager second. He gets his hands dirty handling critical incidents, designing YARA-L rules, building agent-based playbooks, and conducting forensic investigations. All of this is done in strict alignment with NIST CSF, NIST SP 800-61r3, MITRE ATT&CK, and ISO 27001.

AI is not an assistant: it is a capability multiplier that the SOC Manager must design, implement, and audit.

Your main challenges

  • Building the dSOC from the ground up: Design and implement the architecture for data ingestion, parsing, enrichment, multi-tenant segmentation, and access controls on Google SecOps. Establish runbooks, operational security guidelines, and technical acceptance criteria in a greenfield environment.
  • Operate the SOC as an agent-based system. Design and deploy autonomous agents for Level 1 triage, IOC enrichment, cross-tenant correlation, containment, and report generation. Implement evaluation, guardrails, and auditing of agent-based decisions. The goal: to measurably reduce repetitive manual work and free up the team for in-depth investigation.
  • Lead DFIR as a core competency. Manage the end-to-end IR process in accordance with NIST SP 800-61r3, including war rooms, executive communication with clients, and legal coordination. Perform forensics when criticality demands it: memory, disk, network, cloud, and endpoint. Chain of custody, evidence preservation, and admissible reporting. Apply AI to accelerate analysis and report writing.
  • Advance detection capabilities with MITRE ATT&CK coverage. Design, deploy, and maintain YARA-L rules, SOAR playbooks, and version-controlled detection-as-code. Conduct structured threat hunting using hypotheses, telemetry, and coverage metrics.
  • Develop the Blue Team into an agent supervision role. Lead L1/L2 analysts and detection engineers. Design shift schedules, professional development, and technical career paths. Support the team’s transition from alert handlers to agent architects and supervisors.
  • Make decisions based on data, not intuition. Define and manage MTTD, MTTR, SLA compliance, MITRE coverage, the percentage of alerts resolved autonomously, and investigation quality. Build executive and operational dashboards to guide internal and client-facing decisions.
  • Client Relations and Executive Communication: Represent the dSOC to clients at kickoffs, QBRs, critical incident reviews, and posture presentations to CISOs, CIOs, and C-level executives. Translate technical risk into business language clearly and without oversimplifying. Maintain calm and structured communication during critical incidents.

What you need to be successful

  • 6–10 years of experience in cybersecurity operations, with a proven track record of building or scaling a SOC from the early stages (in-house or MSSP).
  • Practical proficiency in Google SecOps (Chronicle SIEM + SOAR): parsing, data models, YARA-L, playbooks, connectors.
  • Direct experience in end-to-end IR in accordance with NIST SP 800-61r3 and in DFIR, with hands-on expertise in at least three of the following areas: memory, disk, network, cloud, or malware analysis.
  • Experience designing security agent workflows using at least one of the following platforms: Google SecOps SOAR, n8n, Claude API/Agent SDK, LangGraph, or similar.
  • Proficiency in the MITRE ATT&CK framework, scripting in Python/PowerShell/Bash, and EDR/XDR operations (SentinelOne or equivalent).
  • Experience in project management under SLAs in MSSP environments and in executive-level communication with clients (QBRs, kickoffs, and escalations to C-level executives).
  • Google Threat Intelligence (Mandiant Advantage + VirusTotal) for threat hunting and operational enrichment.
  • Experience with log collectors (Bindplane, Fluentd) and multi-tenant architecture in SIEM.
  • Knowledge of PCI DSS, HIPAA, or regulatory frameworks applicable to clients in Latin America.
  • Previous experience with Splunk, Microsoft Sentinel, QRadar, or Elastic as a complement to the Google SecOps stack.
  • Business-level English.

Key Skills

  • Facilitating Leadership 🏆: Unlocks the team, doesn't hold it back.
  • Builder, Not Operator 🏗️: Design before you build, but don't get stuck in the design phase.
  • Agentic Mindset ⚡: Explore how to leverage AI and automation to scale up capacity.
  • Hands-On DFIR 🔬: Gets their hands dirty during incidents. Doesn't delegate tasks they need to handle personally when the situation demands it.
  • Strategic Thinking + Execution 🎯: Aligns the Head of Blue Team’s vision with day-to-day operations and delivers measurable results.
  • Data-Driven Mindset 📊: Make decisions based on data, not intuition. Act first, then opine.
  • Executive and Client Communication 🗣️: Translates technical risks into business language. Remains calm and clear during critical incidents.
  • Problem Solver and Critical Thinker 🧠: Quickly diagnoses issues, distinguishes symptoms from root causes, and proposes structured solutions.
  • Adaptability & Continuous Learning 📚: The threat landscape and the AI stack are evolving; people evolve with them.
  • Integrity and Confidentiality 🔒: Handles critical client information with impeccable ethics.

Certifications

Core: GCIH or GSOC · CISM or CISSP · Blue Team Level 2 (BTL2) or Certified SOC Analyst (CSA)

DFIR:

  • GCFA (GIAC Certified Forensic Analyst).
  • GCFE (GIAC Certified Forensic Examiner).
  • GNFA (GIAC Network Forensic Analyst).
  • GREM (GIAC Reverse Engineering Malware).
  • GCTI (GIAC Cyber Threat Intelligence).

Stack: Google SecOps Professional Security Operations Engineer · SentinelOne Certified Admin or SentinelOne Incident Response Engineer (SIREN) · Google Cloud Security Engineer or AWS Security Specialty

Compliance and Management: Expertise in ISO 27001 · ITIL 4 Foundation.

Preferred certifications: CompTIA CySA+, CEH · PMP, PMI-ACP, or Scrum Master.

Apply
Delta Protect Logo
Company
Countries
Solutions
Services
Penetration and Ethical Hacking TestsCompliance and CertificationsSecurity Operations CenterManaged Security ServicesdCloud Managed Cloud ServicesCISO as a Service
Apolo
Meet ApoloEnterBook demo
Resources
WebinarsNewsletterEventsE-BooksGlossaryBlogWhat is ISO 27001?
Find us at
CompanyContact usJoin the teamTestimonials
Legal
Privacy NoticeTerms and ConditionsInformation Security Policy
NIST CSF Consulting for Businesses
Cybersecurity Consulting for Businesses
PCI DSS Consulting: Auditing and Compliance
Incident Monitoring and Response Service
MDM software for enterprises
ISO 27001 Certification Consulting Services
Patch Management Software
SOC 2 Consulting for Companies
Access Identity Management Service
Enterprise Anti-malware Software
Data Loss Prevention Service
Backup and Continuity Services
Information Security or Cybersecurity Services
Computer Intrusion Test
Cloud Security Services
SIEM as a Service
Threat Intelligence Service
Static Code Analysis Service
Computer Security Audit Service
Digital Surveillance Service
Application Audit Service
Stress tests (DDoS test)
Hardening Service
Threat Hunting Services
Purple Team Services
Bug Bounty program management and implementation
Red Team Services
Blue Team Services
Cloud Configuration Audit
Ramsomware Simulation
Social Engineering Testing
Phishing as a Service (PhaaS)
AntiBotnet Service
Information Security Management System (ISMS)
Business Impact Analysis (BIA) Consulting
Business Continuity Plan (BCP) Consultancy
Disaster Recovery Plan (DRP) Consultancy
Source Code Review Service
Workstation Pentesting
Firewall Pentesting
Network Pentesting: Routers and Switches
Server Pentesting
API Pentesting
iOS and Android Mobile Application Pentesting
Web Pentesting
Backoffice Systems Pentesting
Pentesting for SaaS platforms
Ciso as a Service
SOC as a Service
NOC as a Service
DLP: Data Loss Prevention Service
Deep Security
Company
Services
Penetration and Ethical Hacking TestsCompliance and CertificationsSecurity Operations CenterManaged Security ServicesdCloud Managed Cloud ServicesCISO as a Service
Apolo
Meet ApoloEnterBook demo
Resources
WebinarsNewsletterEventsE-BooksGlossaryBlogWhat is ISO 27001?
Find us at
CompanyContact usJoin the teamTestimonials
Legal
Privacy NoticeTerms and ConditionsInformation Security Policy
Countries
Solutions
NIST CSF Consulting for Businesses
Cybersecurity Consulting for Businesses
PCI DSS Consulting: Auditing and Compliance
Incident Monitoring and Response Service
MDM software for enterprises
ISO 27001 Certification Consulting Services
Patch Management Software
SOC 2 Consulting for Companies
Access Identity Management Service
Enterprise Anti-malware Software
Data Loss Prevention Service
Backup and Continuity Services
Information Security or Cybersecurity Services
Computer Intrusion Test
Cloud Security Services
SIEM as a Service
Threat Intelligence Service
Static Code Analysis Service
Computer Security Audit Service
Digital Surveillance Service
Application Audit Service
Stress tests (DDoS test)
Hardening Service
Threat Hunting Services
Purple Team Services
Bug Bounty program management and implementation
Red Team Services
Blue Team Services
Cloud Configuration Audit
Ramsomware Simulation
Social Engineering Testing
Phishing as a Service (PhaaS)
AntiBotnet Service
Information Security Management System (ISMS)
Business Impact Analysis (BIA) Consulting
Business Continuity Plan (BCP) Consultancy
Disaster Recovery Plan (DRP) Consultancy
Source Code Review Service
Workstation Pentesting
Firewall Pentesting
Network Pentesting: Routers and Switches
Server Pentesting
API Pentesting
iOS and Android Mobile Application Pentesting
Web Pentesting
Backoffice Systems Pentesting
Pentesting for SaaS platforms
Ciso as a Service
SOC as a Service
NOC as a Service
DLP: Data Loss Prevention Service
Deep Security
Copyright® 2025. Delta Exponential Technologies, S.A. de C.V.
Badge: Protected by Delta Protect. ISO 27001
Badge: Protected by Delta Protect
🚀 Apolo 4.1 It's ready!

We enabled the Training module to encourage cybersecurity in your employees.

Learn more