**WHAT IS TELEFÓNICA TECH?** Telefónica Tech is the leading digital transformation company within the Telefónica Group. We offer a comprehensive portfolio of integrated technology services and solutions in Cybersecurity, Cloud, IoT, Big Data, Artificial Intelligence, and Blockchain, supporting our customers throughout their digital transformation journey. We are a team of over 6,200 courageous professionals working daily from various locations around the world to achieve excellence through leadership rooted in transparency and teamwork. If you identify with our core values, we’re eager to meet you! www.telefonicatech.com**WHAT DO WE DO IN THE TEAM?** Within Telefónica Cybersecurity & Cloud Tech’s Security Monitoring Unit, we are responsible for detecting, analyzing, and responding to all potential risk situations by executing actions aimed at mitigating or containing cybersecurity incidents. **WHAT WILL YOUR DAY-TO-DAY LOOK LIKE?** **Team Coordination** * Foster a positive and motivating work environment, providing ongoing mentoring and support to team members. * Plan and coordinate cybersecurity improvement projects, ensuring deadlines and defined objectives are met. * Threat monitoring and analysis * Incident management * Team performance oversight * Optimization of tools and processes * Continuous improvement initiatives * Report generation * Collaboration with other teams * Team training and development * Risk management **Incident Detection:** * Review and analyze alerts generated by security systems—such as network intrusions, suspicious user behavior, malware, among others—to assess relevance and severity. * Respond to low-complexity security incidents following established procedures, escalating incidents requiring additional intervention. * Conduct initial investigations into security events, identifying root causes and incident scope, as well as collecting forensic evidence for subsequent analysis. * Record service-related activities using the ticketing tool. * Collaborate with IT and development teams to implement security solutions—from design through execution. * Maintain up-to-date documentation on security processes, incidents, and lessons learned to improve responses to future incidents. **Incident Response:** Depending on the nature of each situation, these actions may be carried out either as part of planned activities or urgently and immediately, always guaranteeing security. Examples of actions to be performed include: * Communications: request to block malicious IP addresses in WAF. * Endpoint: request antivirus scanning and containment of endpoints with EDR agents. * Email: request to add addresses to whitelist/blacklist, redirect emails to quarantine, and delete emails. * Access: request to block users, reset credentials, and invalidate session tokens on devices. **AND FOR THIS, WE BELIEVE IT WOULD BE IDEAL IF YOU HAD…** **Experience** * Prior experience in leadership or supervisory roles in cybersecurity or IT. * Proficiency in management tools such as Office 365, dashboards, etc. * IT education * Basic cybersecurity knowledge **Education** Required: * Higher vocational training degree in Computer Systems and Networks Administration. * Higher Vocational Training Technician in Multiplatform Application Development. * IT education or experience in any IT field. Desirable: * Technical or university degree in Computer Science. * Master’s degree in Cybersecurity. * Knowledge of scripting or automation (e.g., Python, PowerShell). * Certifications such as PMP (Project Management Professional) or Agile. **Desired Technical Knowledge** * Understanding of cybersecurity concepts and practical application. * Experience with ticketing tools such as JIRA, ServiceNow, or similar. * Knowledge of SIEMs and EDRs. * Office 365 **To perform this role, the following skills would align well with the team and project:** * Supervision, control, and leadership * Ability to adapt to a constantly evolving environment and respond to emerging threats and challenges. * Strong task organization and teamwork capabilities. * Ability to quickly assess situations and make informed decisions. * Clear communication skills—both written and verbal—to explain technical issues to non-technical audiences. * Ability to analyze security data and metrics to identify areas for improvement. **LANGUAGES** * Required: English **WHAT DO WE OFFER?** * Work-life balance measures and flexible working hours. * Ongoing training and certifications. * Hybrid remote work model. * Attractive social benefits package. * Excellent, dynamic, and multidisciplinary work environment. * Volunteering programs. **\#WeAreDiverse \#WePromoteEquality** We firmly believe that diverse and inclusive teams are more innovative, transformative, and achieve better results. Therefore, we promote and guarantee inclusion for all individuals regardless of gender, age, sexual orientation or identity, culture, disability, or any other condition. We want to meet you!