The Role

Cybersecurity professional specialized in Google SecOps, with hands‑on experience across Google SecOps, including SIEM, SOAR automation, BigQuery‑based threat analytics, and Gemini‑powered security workflows. Skilled in designing, implementing, and operating end‑to‑end detection, investigation, and response capabilities in Google Cloud environments. Adept at leveraging Google’s AI‑driven security ecosystem to enhance threat visibility, accelerate incident resolution, and strengthen operational resilience across large‑scale, cloud‑native infrastructures.

Who You Are

- 3+ years in cybersecurity services
- Spanish and English (B2 level or higher)
- Advanced Technician Certificate in Multiplatform Application Development

Certifications

- Google SecOps – SOAR Developer
- Google SecOps – SOAR Analyst

Full‑time 8x5 schedule, hybrid (Madrid) full remote

Key Responsibilities

- Operate and optimize Google SecOps platforms, ensuring high‑quality detection, response, and monitoring capabilities
- Design and maintain custom detection logic using UDM, YARA‑L rulesets, and BigQuery analytics
- Lead incident investigation and response using Chronicle’s investigation workbench and Gemini‑driven workflows
- Build and automate SOAR playbooks for triage, containment, remediation, and enrichment
- Integrate diverse log sources into Google SecOps (GCP services, endpoints, SaaS applications, on‑prem systems)
- Conduct threat hunting using BigQuery, threat intelligence, and historical log datasets
- Collaborate with SecOps, Cloud, and IT teams to ensure consistent security visibility across hybrid environments
- Support forensics and root cause analysis by leveraging Google Cloud‑native telemetry
- Develop dashboards, reports, and operational KPIs for security leadership and governance
- Tune detections, enrich signals, and refine playbooks to reduce false positives and accelerate response
- Align security operations with regulatory and compliance requirements relevant to the environment
- Drive continuous improvement by evaluating new features in Chronicle, Gemini, and Google Cloud Security Services

Core Required Competencies

- Expert understanding of Google SecOps (Chronicle SIEM, Chronicle SOAR, investigation workbench)
- Strong experience with BigQuery for threat detection, analytics, and custom security queries
- Knowledge of Gemini for Security (AI‑assisted investigation, threat summarization, response acceleration)
- Understanding of Google Cloud security architecture, IAM, VPC, SCC (Security Command Center)
- Hands‑on experience creating detection rules, YARA‑L, IOCs, UDM‑based queries
- Familiarity with log ingestion pipelines (Dataflow, Pub/Sub, Log Router)
- Experience in SOAR playbook design, automation, and orchestration for incident response
- Knowledge of MITRE ATT&CK, threat hunting methodologies, and incident lifecycle management
- Ability to perform forensic analysis leveraging Google Cloud evidence sources (GCS, Cloud Logging, API logs)
- Skills in scripting (Python, SQL, bash) for automation and custom tooling
- Experience with threat intelligence enrichment, IOC management, and contextual analysis
- Strong communication and documentation skills for reporting, runbooks, and knowledge bases

Benefits

Kyndryl offers a range of benefits designed to support your well‑being and professional growth. Employees have access to learning programs that provide certifications across Microsoft, Google, Amazon, Skillsoft, and other platforms. The company also encourages volunteerism and the pursuit of community engagement activities, providing support for fundraising and volunteering initiatives. Overall, Kyndryl invests heavily in employee success through continuous development opportunities and comprehensive benefit options.