Use Case Management Team Lead

CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.

CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

We are looking for a UCM Team Lead with expertise in Azure Sentinel to join our Use Case Management team and become a member of our global Security Operations Team.

• The position offers a versatile mix of responsibilities, blending technical proficiency with team management and customer relations.
• Understand customer requirements and recommend best practices related to Sentinel solutions.
• Offer consultative advice in security principles and best practices related to Sentinel operations.
• Develop new Sentinel use cases, rules, correlations, dashboards to meet customer needs.
• Design and document Sentinel architectures to meet customer requirements.
• Assist customers with Sentinel sizing, architectures, and technical meetings.
• Guide clients in configuring log sources in scope for Sentinel.
• Ensure all use cases and playbooks are well-documented, including descriptions, workflow diagrams, and configurations.
• Verify data from log sources in Sentinel.
• Manage and mentor security engineers focused on detection rules, use cases, and playbooks within Azure Sentinel.
• Ensure team adherence to timelines and delivery expectations for detection use cases and playbooks.

• 2-3 years of experience with Azure Sentinel SIEM platform.
• At least 5 years in detection engineering or cybersecurity research.
• Experience managing technical teams.
• Hands-on experience with KQL and writing use cases in Sentinel.
• SIEM vendor certification (preferred).
• Familiarity with attack vectors and protection means.
• Knowledge of attack frameworks like MITRE ATT&CK and their mapping to detection rules.
• Experience with security monitoring, incident detection, and response best practices.
• Strong analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team.
• University degree in information security or equivalent experience.
• Relevant certifications (e.g., GIAC GSOC, GCFA, CISSP) are advantageous.

• 23 days of annual leave plus discretionary days on December 24th and 31st.
• Remote work within Spain, preferably in Barcelona.
• Benefits including healthcare, teleworking compensation, life and accident insurances.
• Flexible remuneration programs (meals, childcare, transport, online English lessons, healthcare).
• Access to training platforms.
• Career stability and development plans.
• Referral program.
• Option for 12 or 14 payments per year.
• Work-life balance measures such as flexible hours, WFH policies, and summer hours.