




**WHAT IS TELEFÓNICA TECH?**

Telefónica Tech is the leading digital transformation company within the Telefónica Group. We offer a comprehensive portfolio of integrated technology services and solutions in Cybersecurity, Cloud, IoT, Big Data, Artificial Intelligence, and Blockchain, supporting our clients throughout their digital transformation journey. We are a team of over 6,200 bold professionals working daily from various locations around the world to achieve excellence through leadership grounded in transparency and teamwork. If you identify with our core values, we look forward to meeting you!

www.telefonicatech.com

**WHAT DO WE DO IN THE TEAM?**

Within the SIEM TO unit of Telefónica Cybersecurity & Cloud Tech, we are responsible for detecting, analyzing, and responding to all potential risk situations by executing actions aimed at mitigating or containing cybersecurity incidents.

**WHAT WILL YOUR DAY-TO-DAY LOOK LIKE?**

Your mission will involve monitoring security events and detecting security incidents. Your day-to-day responsibilities:

**Incident Detection:**

* Review and analyze alerts generated by security systems—such as network intrusions, suspicious user behavior, malware, among others—to assess their relevance and severity.
* Respond to low-complexity security incidents following established procedures, escalating incidents requiring additional intervention.
* Conduct initial investigations into security events, identifying root causes and incident scope, as well as collecting forensic evidence for subsequent analysis.
* Record service-related activities using the ticketing tool.
* Collaborate with IT and development teams to implement security solutions—from design through execution.
* Maintain up-to-date documentation on security processes, incidents, and lessons learned to improve responses to future incidents.

**Incident Response:**

Depending on the nature of each situation, these actions may be carried out either as part of planned activities or on an immediate, urgent basis—ensuring security in all cases. Examples of actions to be performed include:

+ Communications: request to block malicious IP addresses in WAF.
+ Endpoint: request antivirus scanning and containment of endpoints with EDR agents.
+ Mail: request to add addresses to whitelist/blacklist, redirect emails to quarantine, and delete emails.
+ Access: request to block users, reset credentials, and session tokens on devices.

**AND FOR THIS, WE BELIEVE IT WOULD BE IDEAL IF YOU HAD…**

**Experience**

+ Experience in a similar role or in a technical support environment.
+ IT training.
+ Knowledge of cybersecurity.

**Education**

+ Higher vocational training in computer systems and networks administration.
+ Higher Technician in Multiplatform Application Development.
+ IT training or experience in any IT field.

**Desirable Education:**

+ Technical or university degree in Computer Science.
+ Master’s degree in Cybersecurity.
+ Scripting or automation knowledge (e.g., Python, PowerShell).

**Technical Knowledge**

+ Understanding of cybersecurity concepts and hands-on experience.
+ Proficiency with ticketing tools.
+ Operation of SIEMs and EDRs.

**Skills that would fit the team and project for this role include:**

+ Strong task organization and teamwork abilities.
+ Ability to quickly assess situations and make informed decisions.
+ Clear communication skills—both written and verbal—to explain technical issues to non-technical audiences.

**LANGUAGES**

+ Required: English

**WHAT DO WE OFFER?**

* Work-life balance measures and flexible working hours.
* Continuous training and certifications.
* Hybrid remote work model.
* Attractive social benefits package.
* Excellent, dynamic, and multidisciplinary work environment.
* Volunteering programs.

**\#WeAreDiverse \#WePromoteEquality**

We firmly believe diverse and inclusive teams are more innovative, transformative, and deliver better results. Therefore, we promote and guarantee inclusion for all individuals regardless of gender, age, sexual orientation or identity, culture, disability, or any other condition. We want to meet you!


