Cyber Security Analyst

Job Title: SOC Analyst – Level 2 & Level 3

Location: Madrid, Spain (Hybrid/On-site options available)

Job Type: Full-time

Language: English (Spanish is a plus)

Start Date: ASAP

About the Role

We are seeking experienced and motivated SOC Level 2 and Level 3 Analysts to join our growing Security Operations Center in Madrid. You will play a key role in monitoring, detecting, investigating, and responding to cybersecurity threats and incidents across our global infrastructure.

Key Responsibilities

SOC Analyst – Level 2:

• Monitor security alerts and logs using SIEM tools (e.g., Splunk, QRadar, Sentinel).
• Perform initial triage and investigation of security incidents.
• Escalate complex threats to Level 3 analysts with detailed context and recommendations.
• Analyze malware, phishing, and intrusion attempts to assess impact.
• Create and update incident tickets with findings and actions taken.
• Support vulnerability management and threat hunting activities.
• Collaborate with IT, infrastructure, and application teams on security-related events.

SOC Analyst – Level 3:

• Lead incident response efforts, including deep-dive forensic investigations.
• Develop and fine-tune detection rules, use cases, and playbooks.
• Perform threat intelligence correlation and attribution analysis.
• Support red team/blue team exercises and post-incident reviews.
• Mentor and support Level 1 and Level 2 SOC analysts.
• Collaborate with security engineering to implement security tools and improve SIEM/SOAR capabilities.
• Deliver threat briefings and incident reports to internal stakeholders.

Required Qualifications & Skills

For Level 2:

• 2–4 years of experience in a SOC, cybersecurity, or IT security role.
• Strong knowledge of SIEM platforms and log analysis.
• Good understanding of TCP/IP, networking protocols, firewalls, and endpoint protection.
• Familiarity with common threat vectors (malware, phishing, brute force, etc.).
• Certifications such as CompTIA Security+, CySA+, or CEH are a plus.
• Fluent in English; Spanish is an advantage.

For Level 3:

• 4–7+ years of experience in cybersecurity operations or threat detection & response.
• Expertise in SIEM, SOAR, EDR tools, and forensic analysis.
• Strong scripting skills (Python, PowerShell, etc.) for automation.
• Hands-on experience with incident response and threat intelligence.
• Relevant certifications such as GCIH, GCIA, OSCP, or CISSP.
• Strong communication and leadership skills.

[email protected]