Cyber Security Specialist Operations
Job available in:
04810, Madrid, Andalucia, Spain
Posted on 2025-12-30
Company:
BT Group
Full-time position
Job specializations:
IT/Technology
Cyber security, Security manager, Network security, Information security
Job description

Job summary:
We are seeking a cyber security specialist to join a global company in a growing and continuously evolving field, as part of a collaborative and comfortable team environment.
The selected candidate will work in a Cyber Security Operation Centre during business hours on an 8x5 basis.

The role has the following objectives:
* Proactively identify and prevent threats, breaches, and vulnerabilities to protect customers, as well as providing reactive support when incidents occur.
* Manage complex cybersecurity incidents.
* Support the delivery and operations of IT security services, including strategy, policies, and threat response processes.

Key Responsibilities:
* Integrate log sources into SIEM solutions to increase visibility and configure them for proper operation.
* Create and tune analytical rules to improve the detection of malicious activities according to customers' security and business needs.
* Align incident detection configurations deterministically with the MITRE ATT&CK framework.
* Align the threat model configurations to detect potential threat anomalies in the incident response process.
* Provide an audit methodology based on OSINT to ensure its proper application in the incident management process.
* Provide proactive and reactive security technical support to the Cyber Security Analyst team.
* Be on duty 24/7 for security incident escalations and critical interventions.
* Serve as the escalation point and technical lead for P1 and P2 security incidents, as well as major global security incidents.
* Actively participate in initiatives aimed at enhancing the overall quality of processes and outcomes within the CySOC.
* Provide guidance and mentorship to team members in the Madrid CySOC to enhance their skills and knowledge.

Required qualifications:
* At least 3 years of experience in security management and operations within a SOC, with a strong understanding of network security and incident response.
* Senior-level skills in security systems technologies:
  + SIEM systems: Microsoft Sentinel, LogRhythm, Splunk, QRadar
  + Log management systems
  + XDR systems: CrowdStrike, Microsoft Defender, Trend Micro, Sekoia, Palo Alto Cortex
  + Identity and Access Management (IAM) systems: Microsoft Defender for Identity, Okta, CyberArk
  + Anomaly detection systems: Darktrace, ExtraHop
  + Sandboxing: ANY.RUN, Cuckoo
  + Orchestration systems: Palo Alto XSOAR, TheHive, Chronicle
* Senior-level skills and knowledge to understand and apply MITRE ATT&CK framework definitions to the detection of threats, breaches and vulnerabilities.
* Senior-level skills in analysing malware, extracting indicators of compromise, and providing mitigation recommendations.
* Senior-level skills in monitoring advanced threats.
* Basic programming skills in Python or Bash for process automation.
* Soft skills: customer focus, teamwork, efficient and effective communication adapted to the audience, analytical mindset, attention to detail, problem-solving ability, leadership, teaching and coaching, taking ownership.
* Fluent in English, both written and spoken.

Valuable qualifications:
* Knowledge of Threat Intelligence Platforms: Anomali, ThreatConnect, MISP
* Knowledge of vulnerability scanning tools: Qualys, Tenable
* CompTIA Security+
* CISSP
* Certified Incident Handler
* Cisco CCN Routing & Switching or CCNA Security
* Recognised technical qualification or accreditation in the field of security specialism.

Compensation and benefits:
* A competitive salary with benefits (health insurance, retirement plans, ...)
* Initial and continuous training to keep up to date in the world of cybersecurity
* Job security
* Hybrid work model