Job Description

Imagine being part of one of the most successful IT companies in Europe. Turn imagination into reality and apply for this exciting career opportunity in Devoteam.

L2 SECURITY ANALYST

We are seeking a Level 2 (L2) Security Analyst for our Security Operations Center (SOC), with solid experience in SIEM/SOAR solutions, especially Google SecOps, CrowdStrike NG-SIEM and Microsoft/AWS/GCP ecosystems. The ideal candidate will have extensive experience in creating threat detection use cases, and deep knowledge of EDR/XDR technologies and networks/communications.

Main Responsibilities

Detection and Response:
- Analyze and investigate medium to high-complexity security alerts, with a goal of resolving 80% without escalation to L3
- Perform root cause analysis on complex incidents, documenting findings and recommendations
- Coordinate incident responses involving multiple systems and cloud platforms

Detection Engineering:
- Design, implement, and optimize detection use cases based on MITRE ATT&CK
- Tune correlation rules in SIEM and detection policies in EDR/XDR to reduce false positives
- Validate and test new detections before production implementation

Platforms and Tools:
- Operate and manage Google Chronicle SecOps, CrowdStrike Falcon Next-Gen SIEM and Palo Alto XSIAM as primary platforms
- Manage detections in Microsoft 365 Defender, Azure Sentinel, and AWS Security Hub
- Utilize Palo Alto Cortex XSIAM for threat analysis and investigations

Continuous Improvement:
- Develop automation scripts (Python/PowerShell) for repetitive tasks and alert enrichment
- Mentor and provide technical support to L1 analysts
- Contribute to technical documentation, playbooks, and operational procedures
- Participate in proactive threat hunting exercises

Technical Requirements

Essential:
- Fluent English (C1/C2 level), both written and verbal communication
- 2-4 years of experience in SOC operations, with at least 1 year in an L2 role
- Hands-on experience with at least two of these SIEM/SOAR platforms: Google Chronicle SecOps, Palo Alto XSIAM, CrowdStrike Falcon Next-Gen SIEM, Microsoft Sentinel
- Demonstrable experience with EDR/XDR solutions (CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Cortex XDR or Sophos)
- Proficiency in query languages: KQL (Kusto), SPL (Splunk), or SQL
- Strong knowledge of networks and protocols: TCP/IP, DNS, HTTP/S, network traffic analysis
- Experience in Microsoft 365 environments (Exchange Online, Azure AD, Defender)

Highly Valued:
- Hands-on experience with Palo Alto Cortex XSIAM, Google SecOps, CrowdStrike NG-SIEM
- Scripting/automation skills: Python, PowerShell, or Bash
- Experience developing detection use cases based on frameworks (MITRE ATT&CK)
- Familiarity with threat intelligence platforms (SOCRadar, Google GTI, MISP)

Certifications (Optional but Valued):
- Platform-specific certifications: Microsoft Security Operations Analyst (SC-200), CrowdStrike Certified Falcon Administrator, or Google Chronicle Security Operations
- GIAC: GCIA, GCIH, or GCFA
- CompTIA Security+ or CySA+
- Certified SOC Analyst (CSA) from EC-Council

Professional Competencies
- Analytical capacity and critical thinking for complex investigations
- Excellent written communication for clear technical documentation
- Verbal communication skills to explain technical incidents to non-technical audiences
- Service orientation and ability to interact professionally with internal clients
- Effective time management and prioritization under pressure
- Proactive mindset oriented towards continuous improvement
- Collaborative work and willingness to share knowledge

Employment Conditions
- Contract Type: Permanent full-time position
- Work Model: Hybrid (Barcelona)
- On-Call rotations

WHAT YOU CAN LOOK FORWARD TO:
- A challenging and exciting career with an international perspective and opportunities
- High level of trust and competency to make your own decisions
- A warm and talented culture with a focus on business, but knowing that family always comes first
- Access to an international network of specialists within the organization to build your rep and skills

At Devoteam we have created a culture of honesty and transparency, inclusion, and cooperation, which we value a lot. We are looking for colleagues who are highly motivated and proactive, not afraid of challenges. We are highly invested in the career path development of our employees, and we offer and support possibilities for further training, certification, and specialization.