Overview
We are looking for a Security Engineer / Expert to join our client's team, a leading European consulting, planning and project management company with more than 50 years in the Real Estate and Construction sector.
Through future-oriented consulting, the enterprise can offer solutions for successful buildings, profitable real estate portfolios, people-oriented working environments, and visionary mobility concepts.
Creating a future worth living in for future generations gets us out of bed every morning, always working on sustainable, innovative, and economical solutions for real estate, industry, energy, and infrastructure.
Now, we are looking for a Cybersecurity Engineer / Expert to strengthen their security posture and help them stay ahead of evolving cyber threats.
If you thrive on solving complex security challenges, from incident response to proactive threat hunting, and want to make a real impact in a global, innovation-driven environment, we’d love to hear from you.
Responsibilities
Security Operations & Monitoring
* Operate and improve the Security Information and Event Management (SIEM) platform, creating detection rules, fine-tuning alerts, and ensuring comprehensive log coverage.
* Monitor, analyze, and correlate security events across multiple sources (firewalls, proxies, endpoints, cloud services, email gateways, identity providers).
* Identify, investigate, and triage anomalies or suspicious behaviors in real time.
* Manage and maintain security toolsets (EDR / XDR, IDS / IPS, vulnerability scanners, SOAR, etc.).
Vulnerability & Risk Management
* Perform regular vulnerability assessments on infrastructure, applications, and cloud services using tools like Nessus, Qualys, OpenVAS.
* Coordinate penetration testing initiatives and track remediation of findings with internal IT / DevOps teams.
* Maintain asset and risk registers, documenting exposure levels and remediation progress.
* Ensure systems, servers, and applications are patched and hardened according to best practices.
Incident Response
* Lead the end-to-end incident response process: detection, containment, eradication, recovery, and lessons learned.
* Perform digital forensics on compromised systems (disk imaging, memory analysis, log extraction).
* Document and deliver detailed incident reports, including root cause analysis and preventive recommendations.
* Maintain and evolve incident response playbooks aligned with NIST, ISO 27035, or SANS frameworks.
Threat Hunting & Intelligence
* Proactively identify stealthy threats by analyzing large datasets (logs, traffic, endpoints).
* Develop hypotheses based on MITRE ATT&CK tactics and techniques, and validate them via custom queries or scripts.
* Integrate Threat Intelligence Feeds to improve detection rules and hunting procedures.
* Share findings with the SOC and engineering teams to increase overall resilience.
Security Architecture & Engineering
* Support IT and Cloud teams in designing secure network, endpoint, and cloud architectures.
* Contribute to projects involving Zero Trust, segmentation, secure authentication, and cloud security posture management.
* Evaluate and test new security solutions (e.g., advanced EDR, forensic tools, deception technologies).
* Support compliance and certification efforts (ISO 27001, SOC2, GDPR).
Requirements
Education & Experience
* Bachelor’s / Master’s degree in Computer Science, Cybersecurity, or related field. Equivalent practical experience is also valued.
* 3–5 years of relevant experience in cybersecurity (SOC Analyst, Incident Responder, Threat Hunter, Blue Team Engineer).
Technical Skills
* SIEM & Monitoring : Solid experience with Splunk, QRadar, Microsoft Sentinel, or Elastic, including custom detection and log correlation.
* Endpoint & Network Security : Deep knowledge of EDR / XDR solutions (Defender for Endpoint, CrowdStrike, Carbon Black), IDS / IPS, firewalls, and network packet analysis tools (Wireshark, Zeek).
* Incident Response & Forensics : Hands-on experience in triage, malware analysis basics, forensic imaging, and use of tools like Volatility, Autopsy, FTK, or EnCase.
* Threat Hunting : Ability to build hunting queries, leverage threat intelligence, and investigate attacker persistence and lateral movement.
* Vulnerability Management : Experience with scanners (Nessus, Qualys, OpenVAS), patch management, and remediation tracking.
* Scripting & Automation : Familiarity with Python, PowerShell, or Bash for automating repetitive tasks and building custom detection scripts.
* Cloud Security : Knowledge of securing workloads in Azure, AWS, or GCP, including IAM, logging, and monitoring.
Frameworks & Standards
* Strong understanding of MITRE ATT&CK, NIST CSF, CIS Controls.
* Familiarity with compliance / regulatory requirements (ISO 27001, GDPR).
Certifications (nice to have, not mandatory)
* CISSP, GCIH, GCFA, GCIA, CEH, OSCP, Azure / AWS Security Specialty or equivalent.
Soft Skills
* Analytical mindset, structured problem-solving, and ability to work under pressure during incidents.
* Strong communication skills, able to explain technical findings to both IT peers and business stakeholders.
* Proactive, self-driven, and continuously learning.
What we offer
* A dynamic and collaborative environment where cybersecurity is a strategic priority
* Hybrid setup in Málaga (with flexibility for remote work from anywhere in Spain)
* Competitive salary range 50K–65K depending on experience
* Continuous learning and development through our internal Academy and external certifications
* Private health insurance options + fitness / sports bonus
* Fiscal advantages for commuting, meal costs, and kindergarten expenses
* Employee referral program with attractive bonuses
* International exposure with the stability of a leading global player
Ready to make an impact? Apply now and join us in shaping a secure and sustainable future.