Junior SOC Analyst – Remote (Spain or Portugal)
Since 2011, SQUAD Group has been a key player in the cybersecurity landscape. We partner with leading organizations to protect their information systems through a comprehensive 360° offering of consulting, integration, expertise, and managed services.
Find out whether this opportunity is right for you by reading all the information below.
Our mission: Securing Together!
We believe in a collaborative approach to cybersecurity, where experts and clients work hand-in-hand to anticipate threats and protect critical infrastructure.
As part of our growing team, we're seeking a Junior SOC Analyst to join us fully remotely from Spain or Portugal. This role will put you at the core of a top-tier Incident Response team, defending the digital assets of a company that connects hundreds of millions of people every month.
Your Role
You are the SOC's first line of defense, responsible for real-time monitoring, initial triage, and escalation. You'll develop your skills within an integrated security ecosystem spanning SIEM, EDR, DLP, and NIDS tools, with a strong focus on AWS cloud environments and phishing incident response. You'll contribute directly to the SOC's mission of rapid detection and response — from anywhere in Spain or Portugal.
Your Responsibilities
* Monitor alerts and identify potential threats across cloud and on-premise environments, with particular attention to AWS workloads.
* Triage, analyze, and document phishing incidents as a core part of daily operations — including email header analysis, URL/attachment inspection, and user reporting workflows.
* Perform initial enrichment and escalation of suspicious activity to L2/L3 analysts when thresholds are met.
* Follow established playbooks and SOPs to ensure consistent and reliable triage.
* Participate in simulations, training, and certification pathways to build expertise.
* Maintain dashboards, metrics, and shift logs to support SOC visibility and reporting.
What You Bring
* 1–3 years of experience in security operations or a related field.
* Hands-on or academic exposure to SIEM/EDR monitoring and escalation practices.
* Familiarity with AWS environments and cloud security concepts (IAM, CloudTrail, GuardDuty, etc.) is a strong plus.
* Experience handling phishing incidents — analysis, containment, and user communication.
* Eagerness to learn and grow within a fast-paced, fully remote SOC environment.
* Strong analytical, communication, and teamwork skills — autonomy and written clarity are key when working remotely.
Preferred Certifications: BTL1–2, CompTIA Security+, AWS Cloud Practitioner or AWS Security Specialty, working toward GIAC (GSEC or GCIA)
Why Join Squad?
* Personalized Growth: We help you build a training and certification plan aligned with your professional goals through our SquadeXpérience.
* Expertise Development: Participate in internal events like our MixYourTalent webinars and monthly CTF sessions.
* Visibility: Attend major industry conferences and contribute to our #TheExpert technical blog.
* Culture: Enjoy a dynamic and close-knit environment with after-work events and team gatherings that foster great camaraderie — even remotely.
Remote work/work-from-home options are available for this position.