Senior Incident Responder / Blue Team Technical Lead / Permanent
San Sebastian (Basque Region), Spain | Hybrid (3 days on-site)
For a top global client, we are looking for a Senior Incident Responder to take a hands‑on technical lead role within the Blue Team and Incident Response function.
The Role
The organization operates a hybrid SOC model, with an external SOC handling L1/L2 activities and an internal security team. The objective of this role is to internalize the operational leadership of incident response while remaining deeply technical.
This is a senior, operational position for someone who enjoys ownership, investigation, and continuous improvement.
Key Responsibilities
Act as Incident Response Lead and Blue Team Technical Lead
Take operational ownership of incidents and L1/L2 tickets when required
Challenge and improve the performance of the external SOC
Enhance SIEM rules, detections, and response workflows
Lead investigations and coordinate global security incidents
Perform and guide forensic data collection and analysis
Drive innovation and continuous improvement in incident response capabilities
Required Experience
5+ years of experience in Incident Response / SOC / Blue Team operations
Hands‑on experience with SIEM platforms and detection engineering
Solid forensics and investigation skills
Ability to lead technically while remaining operational
Experience working in international, enterprise environments
Additional Information
Location: Hernani, Spain (hybrid – 3 days on-site)
Start date: ASAP (target within 2–3 months)
Salary: Competitive, depending on experience
Candidates must be living in Spain (Relocation okay)