




**We are currently looking for a Cybersecurity Operations Architect with solid experience in advanced SOC environments. This is a mixed role combining operational responsibilities (incident management, detection, reporting) with architecture and technical leadership duties, ensuring continuous service improvement and alignment with business objectives.**

What are we looking for?

* +7 years **in SOC, Detection & Response, Threat Hunting, or Security Engineering.**
* **Proven experience with the Microsoft Security Stack (Sentinel, Defender XDR, Purview).**
* **Advanced knowledge of ITSM (ServiceNow), automation (SOAR, Logic Apps, PowerAutomate), and MITRE ATT&CK.**
* **Experience in cybersecurity service governance (SLAs, KPIs, reporting, audits).**
* **Ability to lead and execute simultaneously.**
* **Strategic vision with results orientation and attention to operational detail.**
* **Excellent communication and cross-functional coordination skills.**
* **High level of English (spoken and written).**
* **Availability to travel within and outside Spain.**

Valued Certifications: **Microsoft SC-200, GIAC: GCDA, GCIA or GCTI, ITIL Foundation or higher, other certifications in defensive security, automation, or service management will be a plus.**

What challenges and tasks might you encounter in this role?

Governance and Continuous Improvement

* **Monitor SLAs, KPIs, and KRIs of the service.**
* **Participate in and coordinate technical (weekly), operational (monthly), and strategic (semiannual) committees.**
* **Prepare monthly SOC reports and documentation of key decisions.**
* **Design and maintain a continuous improvement plan aligned with customer objectives.**
* **Support audits and executive reporting.**

Service Management

* **Manage changes, incidents, problems, and requests in ServiceNow.**
* **Keep service documentation updated (runbooks, diagrams, procedures).**
* **Coordinate continuous improvement initiatives and promote a service-oriented culture.**
* **Generate service reports and collaborate cross-functionally with the client's ITSM ecosystem.**

Threat Detection

* **Design and coordinate detection rules aligned with MITRE ATT&CK and priority use cases.**
* **Integrate new technologies and enrich detection with threat intelligence feeds, CMDB, geoIP, and vulnerability data.**
* **Co-design rules with the client and manage shared repositories.**
* **Validate rules through Purple Team exercises and CI/CD pipelines.**
* **Document and ensure full traceability of rules and use cases.**

Threat Response

* **Manage the complete lifecycle of alerts and incidents in ServiceNow SecOps.**
* **Classify, document, and report incidents with contextual analysis.**
* **Coordinate with internal teams and the client to ensure effective resolutions within defined timeframes.**

Automation and Managed Solutions

* **Design, maintain, and improve response playbooks in SOAR, Logic Apps, and Security Copilot.**
* **Drive automation of workflows and integration with AI/chatbot solutions.**
* **Administer and optimize Microsoft solutions (Sentinel, Defender XDR, Purview), ensuring availability, performance, and service alignment.**

What do we offer?

* **Contract type: Full-time permanent contract.**
* **Location: Spain.**
* **Work model: Hybrid or 100% remote—we adapt to what suits you best.**
* **Opportunity to participate in an innovative project where you can contribute your talent autonomously and dynamically.**
* **Salary: Flexible depending on candidate experience.**

**If you've read this far, you know what to do!**

**Now that I've applied, what's next?**

**1️⃣ Application screening - We will review your profile.**

**2️⃣ Phone Screening - If you pass the initial filter, we’ll have a brief call to gather basic information or clarify background details.**

**3️⃣ Interviews: Talent Interview - To get to know you better. Technical Interview - With the team to assess your expertise. Optional: A second technical interview if deeper evaluation is needed.**

**4️⃣ Final stage: We will request your employment history and/or personal references to verify the provided information.**

***We positively value applications from individuals with a disability certificate of 33% or higher, in compliance with current legislation, the General Law on the Rights of Persons with Disabilities and their Social Inclusion (LGD). Likewise, as part of our goal to reverse the trend in our industry and promote gender balance within our team, we encourage potential female candidates to apply so we can consider as many applications from this gender as possible.***


