Job Summary: We are seeking a senior profile to lead the improvement of security posture in Microsoft environments, coordinating a technical team and reporting to management. Key Highlights: 1. Lead security in Microsoft environments with direct impact on management decisions. 2. Technical reference and coordination role within a cybersecurity team. 3. Stable project with continuous training and a development plan. Are you interested in leading real improvements to security posture in Microsoft environments—with direct impact on management decisions and a technical team by your side? We are looking for a senior profile combining cybersecurity vision with a solid systems foundation to drive processes, prioritize risks, and ensure actions are executed and measured. Location: Donostia–San Sebastián (Gipuzkoa) Contract: Permanent \| Full–time (40h) Work Model: Hybrid – 5 remote workdays per month (flexible distribution across afternoons) Suggested Schedule: Mon–Thu 08:00–17:00 / Fri 08:00–14:00 (flexible start/end times) Your Mission You will be a key figure in a team of 6 people (technical reference and coordination role), responsible for transforming security alerts and findings into actionable plans—with tracking, evidence, and clear reporting for stakeholders, including senior management. Day–to–Day Responsibilities Manage SOC alerts and reports: analysis, prioritization, and tracking of their evolution. Define action plans for incidents, risks, and vulnerabilities, documenting procedures and decisions. Execute or coordinate corrective actions—either directly (in Microsoft environments) or with third parties—ensuring quality and full resolution. Tracking and reporting: progress reports, evidence, and periodic reports for committees/senior management. Continuous process improvement: propose and implement improvements to SOC operational management and response workflows. Technical Environment (Relevant Aspects) You will work extensively with: Active Directory: configuration, GPOs, authentication, and hardening. Microsoft 365: tenant management, security, and compliance across the ecosystem. Microsoft Intune: policies, devices, control, and best practices. Physical and virtual servers: administration, security, and vulnerability management. SOC operations: alerts, reports, escalations, action plans, and traceability. What We Require (Mandatory) Previous experience as a systems administrator (minimum 5 years), with clear exposure to cybersecurity. At least 1 year preparing follow–up reports (actions, status, risks, metrics). Proficiency in Active Directory, Microsoft 365, and Intune. Experience with server infrastructure (on–prem / virtualization). Ability to communicate effectively with non–technical profiles and clearly present conclusions to management with sound judgment. Especially Valued If You Also Have Microsoft security certifications: SC–900, SC–200, SC–300, AZ–500 (or equivalent). Prior experience in cybersecurity governance/operations (governance, processes, auditing, security posture improvement, etc.). Stable project with long–term trajectory and focus on structured evolution (not just “firefighting”). Role with visibility and influence, participating in security decisions and prioritization. Close technical team (6 people), where you’ll serve as the technical reference. Intensive summer schedule (June–September). Continuous training and a development plan aligned with your goals. Operational benefits: mobile phone and mileage reimbursement when applicable.