We are looking for a Security Engineer/Expert to join the team of our client, a leading European consulting, planning and project management company with more than 50 years in the Real Estate and Construction sector. Creating a future worth living for future generations gets us out of bed every morning. Now, we are looking for a Cybersecurity Engineer/Expert to strengthen their security posture and help them stay ahead of evolving cyber threats.
If you thrive on solving complex security challenges, from incident response to proactive threat hunting, and want to make a real impact in a global, innovation-driven environment, we’d love to hear from you.
Security Operations & Monitoring
Operate and improve the Security Information and Event Management (SIEM) platform, creating detection rules, fine-tuning alerts, and ensuring comprehensive log coverage.
Monitor, analyze, and correlate security events across multiple sources (firewalls, proxies, endpoints, cloud services, email gateways, identity providers).
Manage and maintain security toolsets (EDR/XDR, IDS/IPS, vulnerability scanners, SOAR, etc.).
Perform regular vulnerability assessments on infrastructure, applications, and cloud services using tools like Nessus, Qualys, OpenVAS.
Coordinate penetration testing initiatives and track remediation of findings with internal IT/DevOps teams.
Ensure systems, servers, and applications are patched and hardened according to best practices.
Perform digital forensics on compromised systems (disk imaging, memory analysis, log extraction).
Document and deliver detailed incident reports, including root cause analysis and preventive recommendations.
Security Architecture & Engineering
Support IT and Cloud teams in designing secure network, endpoint, and cloud architectures.
Contribute to projects involving Zero Trust, segmentation, secure authentication, and cloud security posture management.
Evaluate and test new security solutions (e.g.,
Bachelor’s/Master’s degree in Computer Science, Cybersecurity, or related field.
3–5 years of relevant experience in cybersecurity (SOC Analyst, Incident Responder, Threat Hunter, Blue Team Engineer).
SIEM & Monitoring: Solid experience with Splunk, QRadar, Microsoft Sentinel, or Elastic, including custom detection and log correlation.
Endpoint & Network Security: Deep knowledge of EDR/XDR solutions (Defender for Endpoint, CrowdStrike, Carbon Black), IDS/IPS, firewalls, and network packet analysis tools (Wireshark, Zeek).
Hands-on experience in triage, malware analysis basics, forensic imaging, and use of tools like Volatility, Autopsy, FTK, or EnCase.
Scripting & Automation: Familiarity with Python, PowerShell, or Bash for automating repetitive tasks and building custom detection scripts.
Cloud Security: Knowledge of securing workloads in Azure, AWS, or GCP, including IAM, logging, and monitoring.
Strong understanding of MITRE ATT&CK, NIST CSF, CIS Controls.
CISSP, GCIH, GCFA, GCIA, CEH, OSCP, Azure/AWS Security Specialty or equivalent.
Strong communication skills, able to explain technical findings to both IT peers and business stakeholders.
A dynamic and collaborative environment where cybersecurity is a strategic priority
Hybrid setup in Málaga (with flexibility for remote work from anywhere in Spain)
Private health insurance options + fitness/sports bonus
Fiscal advantages for commuting, meal costs, and kindergarten expenses
International exposure with the stability of a leading global player