Location
Sevilla | Spain
Job description
This position is responsible for coordinating the activities of the incident monitoring and response squad within the Security Operations Center (SOC) for Admiral Europe, based in Spain. The team is tasked with Monitoring and Analysis, Cyber Incident Handling, Threat Intelligence & Hunting, and User Activity Monitoring across both on-premises and cloud environments. The role holds significant visibility and is directly responsible for ensuring the efficient and effective functioning of the incident monitoring and response team within the SOC.
Requirements:
TASKS AND RESPONSIBILITIES:
- Plan, coordinate, and supervise the activities of the incident monitoring and response team within the SOC.
- Coordinate activities and tasks within the Blue Team, ensuring the correct monitoring and containment of threats and proposing improvement actions.
- Drive the implementation and improvement of tools, capabilities, frameworks, and methodologies for the team.
- Ensure timely and effective identification, isolation, mitigation, and reporting of critical incidents by the team.
- Promote industry best practices in incident response, cybersecurity analysis, knowledge management, and team operations.
- Familiarity and experience with SIEM systems (Security Information and Event Management), as well as defining and improving use cases in SIEM.
- Knowledge of security tools such as EDR (Endpoint Detection and Response), firewalls, IDS/IPS (Intrusion Detection/Prevention Systems), etc.
- Familiarity with cloud concepts, particularly in AWS, and experience in monitoring and responding to threats in cloud environments.
- Promote and drive implementation of automation and process efficiencies.
- Maintain situational awareness of escalated events, alerts, tool status, vulnerability status, forensics and malware investigations, and other team functions.
- Experience in reporting team activities and delivering recommendations aligned with company security policies and procedures.
- Provide remediation recommendations to customers based on team findings.
- Develop, review, and approve procedural documentation as necessary.
- Provide direction for team functions, ensuring compliance with policies and procedures.
- Provide leadership and management to team personnel.
Must have requirements:
- Previous experience in a leadership role within an incident monitoring and response team.
- 5+ years' experience in incident response, threat intelligence, and vulnerability assessments.
- Strong analytical and problem-solving skills.
- Advanced knowledge of best practice standards and procedures regarding information systems applications security, data security, and infrastructure security.
- Experience with SIEM systems and defining/improving use cases in SIEM.
- Knowledge of security tools such as EDR, firewalls, IDS/IPS, etc.
- Familiarity with cloud environments, especially AWS.
- Excellent communication and interpersonal skills.
- Ability to work effectively under pressure and in a fast-paced environment.
- Demonstrated personal integrity, the ability to professionally handle confidential matters and exhibit the appropriate level of judgment and decision-making commensurate with the position and responsibilities.
- Residence in Spain.
- Good English level: B2+
Nice to have requirements:
- AWS Architect certifications
- Incident Handling certifications
- DFIR Experience