
Senior Cybersecurity Detection Analyst

Getronics

France

Remote

EUR 45 000 - 65 000

Full time

8 days ago


Job summary

Getronics seeks a Cybersecurity Detection Analyst to enhance our Security Operations Center. The role is remote during business hours, with the potential for collaboration across various industries, supporting advanced threat detection and incident management. Ideal candidates have experience with SIEM tools, strong analytical skills, and a solid understanding of cybersecurity principles.

Qualifications

  • Minimum two years of experience in a cybersecurity technical role.
  • Hands-on experience implementing detection playbooks based on MITRE ATT&CK.
  • Fluency in English for international communication.

Responsibilities

  • Develop threat detection rules to identify attacker techniques.
  • Maintain and update existing detection rules for effectiveness.
  • Analyze alert trends to drive improvements in detection.

Knowledge

  • Problem-solving
  • Analytical thinking
  • Understanding of the cybersecurity threat landscape
  • Documentation skills
  • Communication (English)

Education

Degree in Computer Science, Security, or related fields

Tools

  • SIEM technologies (QRadar, Splunk, etc.)
  • Python
  • RegEx
  • Sigma
  • YARA

Job description

At Getronics, we are looking to expand our IT Security team by adding a Cybersecurity Detection Analyst. This position is remote during office hours, with a preference for candidates living in Barcelona or nearby, as our SOC is located there (not mandatory).

The successful candidate will help enhance our existing ATT&CK-based managed manual for the Getronics Security Operations Center, advancing it to a higher level of maturity and capability. Additionally, you will support daily threat detection activities for a diverse range of clients across various industries, as well as Getronics' private and hybrid cloud services and internal IT.

Requirements

  • Minimum two years of experience as a Cybersecurity Detection Analyst working with SIEM technologies such as QRadar, LogRhythm, Splunk, Elastic Security, InsightIDR, AlienVault OSSIM, etc.
  • Experience in other cybersecurity technical roles, such as SOC Analyst, Cyber Intelligence Analyst, Penetration Tester, etc.
  • Hands-on experience implementing detection playbooks based on the MITRE ATT&CK framework.
  • Strong problem-solving skills and analytical thinking.
  • Good understanding of the cybersecurity threat landscape, attack vectors, and best practices for system and network protection.
  • Proficiency with at least two of the following technologies: Python, RegEx, Sigma, YARA.
  • Experience in tuning correlation rules for performance.
  • Excellent communication skills, with the ability to write clear documentation and summarize findings effectively.
  • Fluent in English, both written and spoken, for international communication.
  • Structured, results-oriented working approach.

Assets (not essential):

  • Understanding of logging and analysis formats, including cloud technologies.
  • Knowledge of MITRE D3FEND.
  • Deep understanding of the cyber threat landscape.
  • Certifications such as SANS SEC511 (GIAC GMON), SIEM certifications, Cloud certifications (AWS, Azure, etc.).
  • Degree in Computer Science, Security, or related fields.

Functions

  • Develop threat detection rules to identify attacker techniques, collaborating with threat intelligence, incident response, security analysts, and infrastructure teams.
  • Maintain and update existing rules to ensure effectiveness and lifecycle management.
  • Evaluate coverage against the ATT&CK framework to identify gaps and improvements.
  • Create and monitor metrics to assess detection performance.
  • Support compliance use cases as needed.
  • Develop lists and tools to support correlation rules.
  • Create dashboards for threat detection and train analysts on their use.
  • Develop efficient search queries for threat hunting activities.
  • Collaborate with business and IT teams to develop detection strategies for current and emerging needs.
  • Analyze alert trends to drive improvements.
  • Maintain and improve data collection, co-management frameworks, and documentation.