- **Devoteam is a leading European consultancy focused on digital strategy, technology platforms, cybersecurity, and business transformation through technology.** Focused on 6 areas of specialization, we address our clients’ strategic challenges: Digital Business & Products, Data-driven Intelligence, Distributed Cloud, Business Automation, Cybersecurity, and Sustainability achieved through Digitalization. Technology is in our DNA, and we believe in it as a lever capable of driving change for improvement, maintaining a balance that allows us to offer our clients top-tier technological tools while always preserving the closeness and professionalism of a team acting as a guide throughout the journey. Our **25 years of experience** make us an innovative, established, and mature consultancy enabling the development of our **10,000 people**, continuously certifying our consultants in the latest technologies and counting on experts in: Cloud, BI, Data Analytics, Business Process Excellence, Customer Relationship Management, Cybersecurity, Digital Marketing, Machine Learning, Software Engineering and Development. Devoteam has been awarded Partner of the Year 2021 by the 5 leading cloud providers: **AWS, Google Cloud, Microsoft, Salesforce and ServiceNow.** In Spain, we are present in Madrid, Barcelona, Zaragoza and Bilbao. **Your responsibilities will include:** * Managing, validating, resolving and monitoring detected incidents. * Using complementary data sources, such as threat intelligence feeds, vulnerability data and user information, to perform enhanced correlation and analysis. * Analyzing current and historical security alerts to identify malicious activities. * Conducting event-driven threat hunting, extracting IOCs where applicable and analyzing for other security incidents. * Isolating issues, analyzing impact and distributing corrective actions. * Advising on improving security posture, when appropriate. * Identifying opportunities to customize and improve detection rules and digital Playbooks. **Conditions:** 100% remote, flexible start time, summer working hours, flexible compensation and much more! **Requirements:** * At least 2–3 years of hands-on experience managing SOAR solutions (troubleshooting and content development). * Understanding of Chronicle and/or Cortex architecture. Proficiency in Python. Experience administering and troubleshooting Linux systems. * Strong technical skills. * Relevant certification. * Experience as a SOC analyst. **Desirable:** * Experience with SIEM and big data systems.