**What is Telefónica Tech?** Telefónica Tech is the leading digital transformation company within the Telefónica Group. We offer a comprehensive portfolio of integrated technology services and solutions in Cybersecurity, Cloud, IoT, Big Data, Artificial Intelligence, and Blockchain, supporting our clients throughout their digital transformation journey. We are a team of over 6,200 bold professionals working daily from various locations worldwide to achieve excellence through leadership grounded in transparency and teamwork. If you identify with our core values, we look forward to meeting you! www.telefonicatech.com **What do we do in the team?** Within Telefónica Cybersecurity & Cloud Tech’s Incident Response and Forensic Analysis Unit, we have a young and dynamic team that responds to major incidents affecting our most important clients. We work to contain, analyze, and eradicate threats detected across client environments, holding meetings with them to explain what happened, how it occurred, and what actions they must take to prevent recurrence. **What will your day-to-day look like?** Your mission will be to join the Incident Response and Forensic Analysis team to receive new incidents and continue ongoing investigations. Your day-to-day responsibilities will include: * Creating and maintaining processes involved in incident response phases. * Enhancing the Group’s overall incident response capability. * Providing advisory, support, and local response capability improvement. * Centralizing and logging incidents globally. * Performing *incident handling* for high-priority incidents. Report development: * Incident response protocols, procedures, and playbooks. * Response and action plans for specific threats. * Support materials and guidance documents tailored for regional teams. * Metrics and indicators on globally recorded and consolidated incidents. **And for this role, we believe it would be ideal if you had…** **Experience** * One to two years of experience in cybersecurity, IT, networking, or systems-related fields. * Security monitoring: basic use of SIEM tools (e.g., Splunk, QRadar, Elastic). * Log analysis: identifying suspicious events in Windows/Linux systems. * Incident management: participation in simulations or basic incident response activities. * Basic system and application hardening. Familiarity with: * Network protocols and traffic concepts (TCP/IP, HTTP, DNS). * Security controls: antivirus, EDR, firewalls. **Education** * Higher vocational training in computer systems, computing and/or telecommunications; or medium/higher-level degree in computing and/or telecommunications; or postgraduate/Master’s degree in computing, telecommunications, and/or forensic sciences (criminology, criminalistics) or digital forensics. Desirable: * Any general cybersecurity certification, such as CompTIA Security+ or EC-Council Certified SOC Analyst. **Technical knowledge** * Cybersecurity fundamentals: threat, vulnerability, and risk concepts. * Operating systems: Windows and Linux (basic commands, logs). * Networking: TCP/IP, common protocols (HTTP, DNS, SMTP), firewall concepts. * Basic tools: Wireshark, Nmap, antivirus, EDR. * Incident management: understanding of the incident lifecycle, roles, and responsibilities. * Best practices: ISO 27001, NIST, MITRE ATT&CK. **The skills that best align with this role, team, and project are:** * Strong **analytical and problem-solving abilities**. * **Clear communication skills** (for incident reporting). * **Teamwork orientation** and capacity for rapid learning. **Languages** * Required: native-level Spanish. * Preferred: English at B2 level or higher. **What do we offer?** * Work-life balance measures and flexible working hours. * Continuous training and certification opportunities. * Hybrid remote work model. * Attractive social benefits package. * Excellent, dynamic, and multidisciplinary work environment. * Volunteering programs. **#WeAreDiverse #WePromoteEquality** We firmly believe diverse and inclusive teams are more innovative, transformative, and achieve better results. Therefore, we actively promote and guarantee inclusion for all individuals regardless of gender, age, sexual orientation or identity, culture, disability, or any other condition. We want to meet you!