CYBERSECURITY ANALYST
Job Description
Description
At SIRT, a company with more than 26 years of experience in the telecommunications sector, we work to protect the digital assets of our clients at a national and international level. We are currently looking for a Cybersecurity Analyst to join our managed services team and actively participate in the identification, analysis and mitigation of risks in real time.
If you are passionate about cybersecurity, are critical, decisive and looking to face complex challenges, this is your opportunity.
What functions will I perform?
· Detection and response to security events in real time, identifying threats and generating alerts to mitigate them.
· Manage and classify security incidents using reference frameworks such as MITRE ATT&CK.
· Configure and operate SIEM solutions (QRadar, Splunk, ELK, Wazuh, etc.) for data ingestion and correlation.
· Investigate security incidents using log analysis and forensic tools.
· Participate in the optimization of incident response processes and development of use cases.
· Collaborate in Threat Hunting and Threat Intelligence activities to identify new threats.
· Prepare technical and executive reports for internal and external stakeholders.
What do we offer?
· Type of contract: Permanent
· Hours: Monday to Friday, 9:00 a.m. to 6:00 p.m.
· Salary: According to profile and experience.
· Incorporation: Immediate.
· Place of work: Any region of Spain.
· Modality: 100% Teleworking
If you want to develop your professional career and specialize in the area of cybersecurity, this is your opportunity to join SIRT.
Requirements
1. Operating Systems
· Knowledge of Windows Server administration (AD, GPOs, DNS, DHCP, Exchange) and GNU/Linux (Debian, RHEL, CentOS).
· Experience in advanced scripting (PowerShell, Bash, Python) is desirable.
2. Infrastructure and Security Solutions
· Knowledge of the operation and design of Microsoft business solutions (AD, Exchange, SQL Server).
· Familiarity with EDR security solutions (CrowdStrike, Trend Micro, etc.), and ability to interpret logs from different endpoints.
· Experience with SIEM platforms (QRadar, Splunk, ELK, Wazuh, etc.), including the creation of custom dashboards and data ingestion processes.
· Knowledge of integration systems and data transmission via Syslog, HEC, CEF, APIs, etc.
3. Incident Management
· Experience in incident management, log analysis from various sources and incident classification using frameworks such as the cyber kill chain.
VALUED KNOWLEDGE:
1. Cloud Computing
· Experience with hybrid and public cloud infrastructures (Azure, Microsoft 365, Exchange Online).
2. SOAR Solutions
· Familiarity with automation tools such as Splunk Phantom, Cortex XSOAR or Palo Alto, and ability to optimize security operations using these solutions.
3. Threat Hunting and Threat Intelligence
· Knowledge in development of use cases and evolution of detection systems.
· Experience in global threat analysis (APT) and use of OSINT.
· Ability to navigate information repositories such as the dark web and perform threat intelligence analysis.
4. Forensic Analysis and CSIRT
· Knowledge of incident resolution, evidence custody and specific tools for forensic analysis.
Skills:
· Technical leadership in multidisciplinary teams and ability to work proactively as a team.
· High crisis management capacity in mission-critical environments.
· Focus on process automation and optimization.
· Strong commitment to continuous improvement and learning about new emerging technologies.
· Ability to make strategic decisions in complex environments.