Job Summary: Telefónica Tech seeks a Cybersecurity and Incident Response professional to identify, analyze, and mitigate security incidents, designing playbooks and coordinating response plans. Key Highlights: 1. Manage and mitigate security incidents in real time. 2. Collaborate with multidisciplinary teams in incident investigations. 3. Contribute to the continuous improvement of cybersecurity. **WHAT IS TELEFÓNICA TECH?** Telefónica Tech is the leading digital transformation company within the Telefónica Group. We offer a comprehensive portfolio of integrated technology services and solutions in Cybersecurity, Cloud, IoT, Big Data, Artificial Intelligence, and Blockchain, supporting our clients throughout their digital transformation journey. We are a team of over 6,200 bold professionals working daily from various locations worldwide to achieve excellence through leadership grounded in transparency and teamwork. If you identify with our core values, we look forward to meeting you! www.telefonicatech.com**WHAT DO WE DO IN THE TEAM?** Within Telefónica Tech’s **Cybersecurity and Incident Response Unit**, we manage, analyze, and mitigate security incidents in real time. We specialize in protecting our clients’ critical assets against digital threats, ensuring business continuity and minimizing risk. We work closely with multidisciplinary teams to guarantee an effective and tailored response aligned with each organization’s needs—particularly within the banking sector. **WHAT WILL YOUR DAY-TO-DAY LOOK LIKE?** Your mission will be to ensure proper identification, analysis, and response to cybersecurity incidents by applying best practices in cybersecurity, developing new use cases, designing playbooks, and coordinating with N1 and N2 teams. Your day-to-day responsibilities will include: **Your day-to-day will include:** + Designing and coordinating incident containment, analysis, eradication, and recovery plans. + Managing N2 and N3 technical Incident Response teams. + Collaborating with internal and external teams on complex incident investigations. + Acting as Incident Handler during incident response. + Generating detailed reports on events, incidents, and security trends. + Proposing improvements to cybersecurity policies and procedures. + Contributing to the updating and maintenance of Indicators of Compromise (IoCs). + Participating in incident response simulations and cybersecurity exercises. + Creating and reviewing technical and forensic reports. + Designing and supervising incident response playbooks. **AND FOR THIS, WE BELIEVE IT WOULD BE IDEAL IF YOU HAD…** **Experience** * Over **5 years** of experience in roles related to cybersecurity analysis, incident management, and SOC/CERT operations. * Prior experience in highly critical environments, preferably within the banking sector. * Experience managing teams. * Advanced knowledge of Incident Response and digital forensics analysis. * Experience designing use cases and incident response playbooks. * Knowledge of workflow design across different operational teams. * Familiarity with security frameworks and standards such as NIST, ISO 27001, and MITRE ATT&CK. * Experience managing/operating SIEM tools (Splunk, QRadar, etc.) and EDR/XDR solutions. * Creation of technical, forensic, and expert reports. **Education** **Required:** + Degree in Computer Engineering, Telecommunications Engineering, or equivalent. **Desirable:** + Relevant certifications such as **GEIR, GCFA, GCFE, GCIH**, **CEH, CompTIA Security+, or similar.** **Technical Knowledge** + Analysis using security tools (SIEM, IDS/IPS, EDR, firewalls, WAF). + Acquisition and analysis of artifacts using forensic tools. + Identification of Indicators of Compromise (IoCs) and analysis of attacker Tactics, Techniques, and Procedures (TTPs). + Scripting for task automation (Python, PowerShell, Bash). + Advanced concepts in vulnerability management and risk analysis. **The skills that would align well with the team and project for this role are:** + **Problem-solving:** ability to analyze complex situations and make rapid decisions. + **Teamwork:** ability to collaborate effectively with multiple teams under pressure. + **Effective communication:** ability to convey technical findings to non-technical audiences. + **Proactivity:** mindset oriented toward continuous improvement of processes and tools. + **Critical thinking:** ability to anticipate potential impacts and mitigate them before they occur. **LANGUAGES** + Valuable: English at minimum B2 level, both written and spoken. **WHAT DO WE OFFER?** * Work-life balance measures and flexible working hours. * Continuous training and certification support. * Hybrid remote work model. * Attractive social benefits package. * Excellent, dynamic, and multidisciplinary work environment. * Volunteering programs. **\#WeAreDiverse \#WePromoteEquality** We strongly believe that diverse and inclusive teams are more innovative, transformative, and deliver better results. Therefore, we promote and guarantee inclusion for all individuals regardless of gender, age, sexual orientation or identity, culture, disability, or any other condition. We look forward to meeting you!