HubMub
-
Devoteam

L2 Security Analyst

Devoteam
Spain · Full-time · Mid-Senior
Job Description

Imagine being part of one of the most successful IT companies in Europe. Turn imagination into reality and apply for this exciting career opportunity in Devoteam. 

L2 SECURITY ANALYST

We are seeking a Level 2 (L2) Security Analyst for our Security Operations Center (SOC), with solid experience in SIEM/SOAR solutions, especially Google SecOps, CrowdStrike NG-SIEM and Microsoft/AWS/GCP ecosystems. The ideal candidate will have extensive experience in creating threat detection use cases, and deep knowledge of EDR/XDR technologies and networks/communications.

Main Responsibilities

Detection and Response:

  • Analyze and investigate medium to high-complexity security alerts, with a goal of resolving 80% without escalation to L3
  • Perform root cause analysis on complex incidents, documenting findings and recommendations
  • Coordinate incident responses involving multiple systems and cloud platforms


Detection Engineering:

  • Design, implement, and optimize detection use cases based on MITRE ATT&CK
  • Tune correlation rules in SIEM and detection policies in EDR/XDR to reduce false positives
  • Validate and test new detections before production implementation


Platforms and Tools:

  • Operate and manage Google Chronicle SecOps, CrowdStrike Falcon Next-Gen SIEM and PaloAlto XSIAM as primary platforms
  • Manage detections in Microsoft 365 Defender, Azure Sentinel, and AWS Security Hub
  • Utilize PaloAlto Cortex XSIAM for threat analysis and investigations


Continuous Improvement:

  • Develop automation scripts (Python/PowerShell) for repetitive tasks and alert enrichment
  • Mentor and provide technical support to L1 analysts
  • Contribute to technical documentation, playbooks, and operational procedures
  • Participate in proactive threat hunting exercises


Technical Requirements

Essential:

  • Fluent English (C1/C2 level) - both written and verbal communication
  • 2-4 years of experience in SOC operations, with at least 1 year in an L2 role
  • Hands-on experience with at least two of these SIEM/SOAR platforms "Google Chronicle SecOps","Palo Alto XSIAM","CrowdStrike Falcon Next-Gen SIEM", "Microsoft Sentinel"
  • Demonstrable experience with EDR/XDR solutions (CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Cortex XDR or Sophos)
  • Proficiency in query languages: KQL (Kusto), SPL (Splunk), or SQL
  • Strong knowledge of networks and protocols: TCP/IP, DNS, HTTP/S, network traffic analysis
  • Experience in Microsoft 365 environments (Exchange Online, Azure AD, Defender)


Highly Valued:

  • Hands-on experience with PaloAlto Cortex XSIAM, Google Secops, CrowdStrike NG-SIEM
  • Scripting/automation skills: Python, PowerShell, or Bash
  • Experience developing detection use cases based on frameworks (MITRE ATT&CK)
  • Familiarity with threat intelligence platforms (SOCRadar, Google GTI, MISP)


Certifications (Optional but Valued):

  • Platform-specific certifications: Microsoft Security Operations Analyst (SC-200), CrowdStrike Certified Falcon Administrator, or Google Chronicle Security Operations
  • GIAC: GCIA, GCIH, or GCFA
  • CompTIA Security+ or CySA+
  • Certified SOC Analyst (CSA) from EC-Council


Professional Competencies

  • Analytical capacity and critical thinking for complex investigations
  • Excellent written communication for clear technical documentation
  • Verbal communication skills to explain technical incidents to non-technical audiences
  • Service orientation and ability to interact professionally with internal clients
  • Effective time management and prioritization under pressure
  • Proactive mindset and oriented towards continuous improvement
  • Collaborative work and willingness to share knowledge


Employment Conditions

  • Contract Type: Permanent full-time position
  • Work Model: Hybrid (Barcelona)
  • On-Call rotations


WHAT YOU CAN LOOK FORWARD:

  • A challenging and exciting career with an international perspective and opportunities
  • High level of trust and competency to make your own decisions
  • A warm and talented culture with a focus on business, but knowing that family always comes first
  • Access to international network of specialists within the organization to build your rep and skills


At Devoteam we have created a culture of honesty and transparency, inclusion, and cooperation which we value a lot. We are looking for colleagues, who are highly motivated and proactive, not afraid of challenges. We are highly invested in the career path development of our employees, and we offer and support possibilities for further training, certification, and specialization.

Key Skills

Ranked by relevance

siem microsoft defender powershell python splunk cloud aws dns
Login to Apply
🇪🇸

Country Guide

Spain

Strong city options with excellent lifestyle

Posted
Jan 03, 2026
Type
Full-time
Level
Mid-Senior
Location
Barcelona
Company
Devoteam

Industries

IT Services IT Consulting

Categories

Information Technology

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Devoteam
Related

Cybersecurity Operator

2026-05-21

Full-time
Mid-Senior
Spain
IT Services
Information Technology
View Job Details
Neotalent Conclusion
Related

Azure Devops

2026-05-19

Full-time
Associate
Spain
IT Services
Information Technology
View Job Details
EPAM Systems
Related

DevOps Engineer

2026-05-27

Full-time
Associate
Argentina
Software Development
Engineering