Security Operations Analyst (SIEM) – 6‑Month Contract – Spain (Fully Remote / Hybrid)
Long‑running contract opportunity for a Security Operations Analyst. You may work fully remote or hybrid/onsite at the client’s offices in Valencia, Spain. You will join an existing security operations team and help manage, identify, and resolve security‑related incidents for the main client and its end customers. One of your main responsibilities will be to administer and engineer SIEM platforms.
Single‑stage Teams interviews will take place at the end of June with onboarding in July or early August. The initial contract is 6 months, with extensions that could run for four years or more.
Security Operations Analyst Duties
- Build, adjust, and implement analytics and detection rules for SIEM, EDR, and AV
- Contribute to the preparation of KPIs for cybersecurity operations capabilities
- Monitor and investigate alerts leveraging Microsoft Security Tools (e.g., Microsoft 365, Cloud App Security, Azure, Defender for Endpoint, Azure Security, Azure Sentinel, and XDR)
- Monitor and triage AWS security events and detections
- Monitor and investigate alerts leveraging EDR solutions
- Work with alerts from CSOC Analysts to perform in‑depth analysis and triage of network security threat activity based on computer and media events, malicious code analysis, and protocol analysis
- Review trouble tickets generated by CSOC Analysts
- Provide other ad‑hoc support as required
You Will Have
- Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
- Experience with Microsoft Security Tools (e.g., Microsoft 365, Cloud App Security, Azure, Defender for Endpoint, Azure Security, Azure Sentinel, and XDR)
- Knowledge of cloud technologies (e.g., Azure, AWS, and GCP)
- Experience with SIEM tools such as Splunk, QRadar, ArcSight, MS Sentinel, and ELK Stack
- Knowledge of at least one EDR solution (MS Defender for Endpoint, SentinelOne, Crowdstrike)
- Experience reviewing raw log files, data correlation, and analysis (e.g., firewall, network flow, IDS, system logs)
- Proven experience administering a SIEM platform, preferably Splunk or Microsoft Sentinel SIEM
- Fluent English
This is a live requirement. The client is an international organisation that will look great on your CV. It offers a collaborative and enjoyable work environment, with a team of international technical professionals. If you have SOC/SOA experience and want a new opportunity, get in touch today.
#J-18808-Ljbffr