Information Security Engineer - Cyber Threat Detection & Response
Role details
Job location
Tech stack
Job description
regulatory compliance. Key Responsibilities: * Develop and tune threat detection rules across SIEM, EDR, and cloud environments. * Lead containment, eradication, and recovery efforts for cyber incidents. * Create and maintain dashboards to track KPIs such as MTTD, MTTR, detection coverage, and investigation volume. * Perform threat hunting based on current threat intelligence and adversary TTPs. * Automate alert enrichment, triage, and response workflows using SOAR or scripting (Python/PowerShell). * Collaborate with IT, cloud, and compliance teams to enhance detection quality and response readiness. * Contribute to documentation, playbooks, and continuous process improvement. Requirements * 6+ years in SOC, IR, or threat detection roles * Hands-on experience with SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., Defender, CrowdStrike) * Experience with Azure/AWS cloud security logs and detection use cases * Practical knowledge of MITRE ATT&CK *, Ability to produce meaningful
Requirements
metrics and dashboards, (e.g., Sentinel Workbooks, Power BI, Kibana) * Clear communication skills across technical and non-technical stakeholders Nice to have: * Experience in aviation, logistics, or other regulated sectors * Familiarity with SOAR platforms * Certifications such as GCIA, GCIH, OSCP, or cloud security (AZ-500, AWS Security Specialty) * Understanding of NIS2 or EASA cybersecurity guidance * We promote innovation, all our teams are Agile and several PoCs of new technologies or innovative ideas are launched every week. * A competitive but flexible technical career plan. * We believe in an hybrid working model, you can work up to three days per week remote, but you are also going to enjoy the excellent work environment at our modern offices in the heart of Madrid. * Optional discounts on health insurances(various companies). #J-18808-Ljbffr
