BT Group
Cyber Security Specialist, Spain Operations
BT GroupSpain16 days ago
Full-timeRemote FriendlyEngineering, Information Technology
Job summary:

We are seeking a cyber security specialist to join a global company in a growing and continuously evolving field, as part of a collaborative and comfortable team environment.

The selected candidate will work in a Cyber Security Operation Centre during business hours on a 8x5 basis.

The role has the following objectives:

  • Proactively identify and prevent threats, breaches, and vulnerabilities to protect customers, as well as providing reactive support when incidents occur.
  • Manage complex cybersecurity incidents.
  • Support the delivery and operations of IT security services, including strategy, policies, and threat response processes.

Key Responsibilities:

  • Integrate log sources into SIEM solutions to increase visibility and configure them for proper operation.
  • Create and tune analytical rules to improve the detection of malicious activities according to customers security and business needs.
  • Align incident detection configurations deterministically with the MITRE ATT&ACK framework.
  • Align the threat model configurations to detect potential threat anomalies in the incident response process.
  • Provide an audit methodology based on OSINT to ensure the proper application in the incident management process.
  • Provide proactive and reactive security technical support to the Cyber Security Analyst team.
  • Be on duty 24/7 for security incident escalations and critical interventions
  • Serve as the escalation point and technical lead for P1 and P2 security incidents, as well as major global security incidents.
  • Actively participate in initiatives aimed at enhancing the overall quality of processes and outcomes within the CySOC.
  • Provide guidance and mentorship to team members in the Madrid CySOC to enhance their skills and knowledge.

Required qualifications:

  • At least 3 years of experience in security management and operations within a SOC, with a strong understanding of network security and incident response.
  • Senior-level skills in security systems technologies:
    • SIEM systems: Microsoft Sentinel, Logrhythm, Splunk, QRadar
    • Log management systems
    • XDR systems: Crowdstrike, Microsoft Defender, TrendMicro, Sekoia, PaloAlto Cortex
    • Identity and Access Management (IAM) systems: Microsoft Defender for Identity, Okta, CyberArk
    • Anomaly detection systems: Darktrace, ExtraHop
    • Sandboxing: AnyRun, Cuckoo
    • Orchestration systems: PaloAlto XSOAR, TheHive, Chronicle
    • Senior-level skills and knowledge to understand and apply MITRE ATT&CK framework definitions to threats, breaches and vulnerabilities detection
    • Senior-level skills in analysing malware, extraction indicators of compromise, and providing mitigation recommendations.
    • Senior-level skills in monitoring advanced threats
    • Basic programming skills in Python or Bash for process automation.
    • Soft skills: customer focus, teamwork, efficient and effective communication adapted to the audience, analytical mindset, attention to detail, problem-solving ability, leadership, teaching and coaching, taking ownership
    • Fluent in English, both written and speaking

    Valuable qualifications:

    • Knowledge of Threat Intelligence Platforms: Anomaly, Threat Connect, MISP
    • Knowledge of vulnerability scanning tools: Qualys, Tenable
    • CompTia Security +
    • CISSP
    • Certified Incident Handler
    • Cisco CCN Routing & switching or CCNA security
    • Recognised technical qualification or accreditation in the field of security specialism.

    Compensation and benefits:

    • A competitive salary with benefits (health insurance, retirement plans,..)
    • Initial and continuous training to keep up to date in the world of cybersecurity
    • Job security
    • Hybrid work model

    Key Skills

    Ranked by relevance
    Apply