
Security Technology Analyst

Devoteam

Madrid

Hybrid

EUR 40.000 - 60.000

Full-time

Today
Be among the first to apply for this vacancy

Job Summary

A leading IT company in Europe is seeking a Level 2 Security Analyst for its Security Operations Center (SOC). The ideal candidate will have experience with SIEM/SOAR solutions, strong analytical skills, and a proactive mindset. This hybrid role involves analyzing security alerts, operating security tools, and contributing to continuous improvement efforts. Competitive salary and career growth opportunities offered.

Benefits

Opportunities for further training and specialization
Access to an international network of specialists
Supportive and inclusive workplace culture

Qualifications

  • 2-4 years of experience in SOC operations, with at least 1 year in an L2 role.
  • Hands-on experience with SIEM/SOAR platforms.
  • Proficiency in query languages: KQL, SPL, or SQL.

Responsibilities

  • Analyze and investigate medium to high-complexity security alerts.
  • Perform root cause analysis on complex incidents.
  • Design, implement, and optimize detection use cases.

Skills

Fluent English (C1 / C2 level)
Experience in SOC operations
Hands-on experience with SIEM/SOAR platforms
Query languages: KQL, SPL, SQL
Knowledge of networks and protocols
Scripting skills: Python, PowerShell, Bash

Tools

Google Chronicle SecOps
Palo Alto XSIAM
CrowdStrike Falcon Next-Gen SIEM
Microsoft Sentinel

Job Description

Imagine being part of one of the most successful IT companies in Europe. Turn imagination into reality and apply for this exciting career opportunity in Devoteam.

L2 SECURITY ANALYST

We are seeking a Level 2 (L2) Security Analyst for our Security Operations Center (SOC), with solid experience in SIEM / SOAR solutions, especially Google SecOps, CrowdStrike NG-SIEM and Microsoft / AWS / GCP ecosystems. The ideal candidate will have extensive experience in creating threat detection use cases, and deep knowledge of EDR / XDR technologies and networks / communications.

MAIN RESPONSIBILITIES
Detection and Response

Analyze and investigate medium to high-complexity security alerts, with a goal of resolving 80% without escalation to L3

Perform root cause analysis on complex incidents, documenting findings and recommendations

Coordinate incident responses involving multiple systems and cloud platforms

Detection Engineering

Design, implement, and optimize detection use cases based on MITRE ATT&CK

Tune correlation rules in SIEM and detection policies in EDR/XDR to reduce false positives

Validate and test new detections before production implementation

Platforms and Tools

Operate and manage Google Chronicle SecOps, CrowdStrike Falcon Next-Gen SIEM and Palo Alto XSIAM as primary platforms

Manage detections in Microsoft 365 Defender, Azure Sentinel, and AWS Security Hub

Utilize Palo Alto Cortex XSIAM for threat analysis and investigations

Continuous Improvement

Develop automation scripts (Python / PowerShell) for repetitive tasks and alert enrichment

Mentor and provide technical support to L1 analysts

Contribute to technical documentation, playbooks, and operational procedures

Participate in proactive threat hunting exercises

TECHNICAL REQUIREMENTS
Essential

Fluent English (C1 / C2 level) - both written and verbal communication

2-4 years of experience in SOC operations, with at least 1 year in an L2 role

Hands-on experience with at least two of these SIEM / SOAR platforms: Google Chronicle SecOps, Palo Alto XSIAM, CrowdStrike Falcon Next-Gen SIEM, Microsoft Sentinel

Demonstrable experience with EDR / XDR solutions (CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Cortex XDR or Sophos)

Proficiency in query languages: KQL (Kusto), SPL (Splunk), or SQL

Strong knowledge of networks and protocols: TCP / IP, DNS, network traffic analysis

Experience in Microsoft 365 environments (Exchange Online, Azure AD, Defender)

Highly Valued

Hands-on experience with Palo Alto Cortex XSIAM, Google SecOps, CrowdStrike NG-SIEM

Scripting / automation skills: Python, PowerShell, or Bash

Experience developing detection use cases based on frameworks (MITRE ATT&CK)

Familiarity with threat intelligence platforms (SOCRadar, Google GTI, MISP)

Certifications (Optional but Valued)

Platform-specific certifications: Microsoft Security Operations Analyst (SC-200), CrowdStrike Certified Falcon Administrator, or Google Chronicle Security Operations

GIAC: GCIA, GCIH, or GCFA

CompTIA Security+ or CySA+

Certified SOC Analyst (CSA) from EC-Council

Professional Competencies

Analytical capacity and critical thinking for complex investigations

Excellent written communication for clear technical documentation

Verbal communication skills to explain technical incidents to non-technical audiences

Service orientation and ability to interact professionally with internal clients

Effective time management and prioritization under pressure

Proactive mindset and oriented towards continuous improvement

Collaborative work and willingness to share knowledge

Employment Conditions
Contract Type

Permanent full-time position

Work Model

Hybrid (Barcelona)

On-Call rotations

WHAT YOU CAN LOOK FORWARD TO

A challenging and exciting career with an international perspective and opportunities

High level of trust and competency to make your own decisions

A warm and talented culture with a focus on business, but knowing that family always comes first

Access to an international network of specialists within the organization to build your reputation and skills

At Devoteam we have created a culture of honesty and transparency, inclusion, and cooperation, which we value a lot. We are looking for colleagues who are highly motivated and proactive and not afraid of challenges. We are highly invested in the career path development of our employees, and we offer and support possibilities for further training, certification, and specialization.
