Soc Analyst (L1/L2) - Incident Response - 100% Remote (Spain)

Squad Conseil Et Expertises
Municipality of Valencia, Spain
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior

Job location

Remote
Municipality of Valencia, Spain

Tech stack

ARM
Computer Security
Information Systems
Digital Assets
Domainkeys Identified Mail
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Phishing
Kusto Query Language
Sender Policy Framework (SPF)
Palo Alto Networks
Microsoft Sentinel

Job description

Since ****, SQUAD Group has been a key player in the cybersecurity landscape. We partner with leading organizations to protect their information systems through a comprehensive 360° offering of consulting, integration, expertise, and managed services.

Our mission: Securing Together! We believe in a collaborative approach to cybersecurity, where experts and clients work hand-in-hand to anticipate threats and protect critical infrastructure.

As part of our growing team, we're seeking a SOC Analyst to join a top-tier Incident Response team, defending the digital assets of a company that connects hundreds of millions of people every month. The position is fully remote within Spain.

Your Role

You are a hands-on incident responder. From the moment an alert fires to final resolution, you investigate, contain, and document security incidents with rigor and autonomy. Phishing and email-based attacks make up a significant share of the workload, so a sharp eye for email analysis is essential.

Your Responsibilities

Investigate and respond to security incidents across their entire lifecycle, from detection and triage through containment, root cause analysis, and closure.
Analyze suspicious emails and phishing campaigns, leveraging header analysis and authentication standards (SPF, DKIM, DMARC).
Respond to a variety of alert types, including malicious URLs and compromised domains.
Apply and contribute to incident response playbooks, bringing analytical judgment to every investigation.
Build and run XQL queries in the Palo Alto Cortex platform to support and accelerate investigations.
Produce clear, structured incident documentation and escalate appropriately.

What You Bring

1-3 years of hands-on SOC experience with strong operational fundamentals.
A solid grasp of incident triage and investigation methodology - you understand why an alert fired, not just how to close it.
Practical experience analyzing phishing and email-borne threats.
Familiarity with Palo Alto Cortex (XSIAM/XDR) and XQL is a strong asset; Microsoft Sentinel/KQL experience is also welcome.
A rigorous, transparent approach to investigation - you verify before concluding.
Genuine motivation to build a career in Incident Response.
Preferred Certifications: BTL1/BTL2, GIAC GCIH, Palo Alto Networks Cortex XDR/XSIAM certifications, Microsoft SC-200

Why Join Squad?

Personalized Growth: We help you build a training and certification plan aligned with your professional goals through our SquadeXpérience.
Expertise Development: Participate in internal events like our MixYourTalent webinars and monthly CTF sessions.
Visibility: Attend major industry conferences and contribute to our #TheExpert technical blog.
Culture: Enjoy a dynamic and close-knit environment with after-work events and team gatherings that foster great camaraderie.

Requirements

1-3 years of hands-on SOC experience with strong operational fundamentals.
A solid grasp of incident triage and investigation methodology - you understand why an alert fired, not just how to close it.
Practical experience analyzing phishing and email-borne threats.
Familiarity with Palo Alto Cortex (XSIAM/XDR) and XQL is a strong asset; Microsoft Sentinel/KQL experience is also welcome.
A rigorous, transparent approach to investigation - you verify before concluding.
Genuine motivation to build a career in Incident Response.
Preferred Certifications: BTL1/BTL2, GIAC GCIH, Palo Alto Networks Cortex XDR/XSIAM certifications, Microsoft SC-200

About the company

Valencia, Spain

Since ****, SQUAD Group has been a key player in the cybersecurity landscape. We partner with leading organizations to protect their information systems through a comprehensive 360° offering of consulting, integration, expertise, and managed services. Our mission: Securing Together! We believe in a collaborative approach to cybersecurity, where experts and clients work hand-in-hand to anticipate threats and protect critical infrastructure.
