Position Summary: Internship at Telefónica’s Global CSIRT to analyze security alerts, investigate incidents, and support corporate cyber defense. Key Highlights: 1. Real immersion in a global cybersecurity team 2. Acquisition of hands-on experience with industry tools and processes 3. Development of skills in technical analysis and documentation Telefónica S.A. **Madrid** (Madrid) T/2026/49570 What does the company offer? * **1** internship position at Telefónica S.A. for **6 months**, starting in **May 2026** * Monthly gross stipend of **850.00€** * 5 hours per day, morning shift * Hybrid remote/in-person internship * START Program * Internship center in Spain: Ronda de la Comunicación s/n, Distrito Telefónica Madrid (Madrid) What profile is the company seeking? * **University undergraduate or master’s student:** Bachelor in Marketing * **Language skills:** English level B2. Proposed Training Plan About the Company Telefónica, S.A. is one of the world’s leading telecommunications and technology companies, with international presence and a strong commitment to innovation, cybersecurity, and technological development. Within this context, the **Global CSIRT** plays a key role in protecting the company’s assets, services, and users against cybersecurity threats. The internship will take place within the **Global CSIRT (Computer Security Incident Response Team)**, responsible for monitoring, analyzing, and responding to cybersecurity incidents at the corporate level. This team manages security alerts from multiple platforms and technologies, analyzes potential threats, conducts forensic investigations, and coordinates actions to ensure the security of Telefónica’s systems and services. The intern will have the opportunity to gain first-hand insight into how an incident response team operates in a real-world, highly specialized environment aligned with international cyber defense standards. Training Objectives During the internship, the participant will develop competencies related to alert analysis, basic forensic investigation, interpretation of security events, and use of specialized cybersecurity tools. Key learning outcomes include: **Security Alert Analysis** * Interpret alerts originating from multiple sources (SIEM, EDR, IDS, corporate platforms, etc.). * Identify patterns, correlations, and indicators suggesting a potential security incident. * Determine whether an alert requires escalation or handling as an incident. **Forensic Lab and Technical Analysis** * Deploy, configure, and use forensic tools in a test lab environment. * Conduct analysis on **simulated cyberattack scenarios**. * Practice basic evidence acquisition and review in controlled environments. * Document technical results and lessons learned from these activities. **Documentation and Reporting** * Prepare tool usage reports, procedural guidelines, and executive summaries of analyses. * Establish usage guidelines, best practices, and recommendations based on conducted forensic exercises. **Incident Response Methodologies and Processes** * Understand the full incident management lifecycle within Telefónica. * Become familiar with international standards (FIRST, NIST, ISO/IEC 27035). * Understand how risks are prioritized and how global response is coordinated. **Collaboration and Teamwork** * Interact with analysts from the Global CSIRT and other cybersecurity units. * Experience real-world coordination dynamics during incidents and simulations. During the training program, the intern will support the team in activities related to content production and preparation of communication materials linked to the company’s strategic projects. ‍ Mentorship and Follow-up To ensure the training nature of the internship: * The participant will receive **specialized mentoring within the Marketing team**. * **Learning objectives and competencies to be developed** will be defined for the duration of the internship. * **Periodic progress follow-up** will be conducted, with continuous feedback to reinforce learning. * The team will facilitate integration into collaborative dynamics and creative processes within the department. Candidate Profile **Valued Competencies and Skills:** * Interest in **innovation, technology, and digital transformation** * Strong **written communication and creativity** * Interest in **digital marketing and corporate communications** * Ability to **work collaboratively in teams** * Proactive attitude and motivation to learn **Languages and Tools:** * Intermediate **English proficiency** (valued) * Knowledge of **WordPress** (valued) * Basic knowledge of **SEO** (valued) Training Value of the Internship This internship offers real immersion in a globally operating cybersecurity team. The participant will be able to: * Understand how threats are detected, analyzed, and managed within a large organization. * Gain direct hands-on experience with tools and processes used by industry professionals. * Develop practical skills in alert analysis, basic investigation, and technical documentation. * Participate in forensic simulations and internal exercises replicating real-world cyberattack scenarios. This experience will provide deep insight into the operational work of a CSIRT and help develop key competencies for a professional career in cybersecurity. * **Regulatory Compliance Note:** Some information required to fully complete the offer (duration, stipend amount, working hours, and final location) has not been provided in the submitted document. To ensure compliance with **Royal Decree 592/2014** and **Royal Decree 822/2021**, these details must be confirmed prior to the final publication of the offer.