




Job Summary: We are seeking a cybersecurity specialist for the Global CSIRT, focused on designing and evolving threat detection strategies and continuously improving cyber defense capabilities.

Key Highlights:

1. Be part of the Global CSIRT within a leading company in the energy sector.
2. Design and evolve global threat detection strategies.
3. Contribute to the maturity of the Group's detection model.

Would you like to work for the leading company in the energy sector, as part of the global Cybersecurity team, contributing your expertise in cyber defense, threat detection, and technological resilience to address the company’s new challenges?

Are you passionate about cybersecurity, threat research, and designing strategies to protect critical infrastructure?

Do you want to demonstrate your experience in multicultural environments and strategic global projects?

**ADD YOUR ENERGY TO THE FUTURE!**

**What will you do?**

You will join **Iberdrola’s Global CSIRT**, within the **Cyber Threat Detection Team** of the **Cyber Fusion Center**, contributing to the early identification of **attacks, anomalies, and malicious behavior patterns** in a multinational company with a **diverse and highly distributed technology ecosystem** (IT, cloud, hybrid environments, and OT).

This position coordinates and establishes guidelines for **automation, enrichment, and continuous operational triage of alerts**, a function supported by an **externalized specialized service**. Your differentiating value will lie in **improving visibility and defining how we detect**, not merely reviewing what has already been detected.

On a day-to-day basis:

* You will **design, review, and evolve threat detection strategies**, aligned with the Group’s actual risk and the global threat landscape.
* You will **review and evolve visibility across monitored environments and their integration with security processes**.
* You will analyze **incidents, attack campaigns, and trends** to identify **detection gaps**, weaknesses in existing use cases, and improvement opportunities.
* You will **define and optimize detection use cases**, rules, correlations, and indicators, leveraging threat frameworks (TTPs) and the CSIRT’s operational experience.
* You will closely collaborate with **Cyber Defense and Incident Response teams** to ensure detection generates the **appropriate context for effective response**.
* You will provide **technical judgment in complex investigations**, supporting advanced analysis of events, anomalous patterns, campaigns, or emerging threats.
* You will participate in the **evolution of the detection architecture**, reviewing and evolving **visibility** across monitored environments and facilitating correct integration and use of platforms such as SIEM, EDR/XDR, NDR, and intelligence sources.
* You will drive initiatives for **automation, enrichment, and improvement of detection quality**, reducing noise and increasing precision.
* You will coordinate with **local teams, BISOs, and CSIRTs across different business units**, ensuring a coherent and global view of the threat landscape.
* You will actively contribute to the **maturity of the Group's detection model**, aligning processes, tools, and capabilities.

In summary: **you will not chase isolated alerts, but directly influence how the Group’s CSIRT detects threats, anticipates attacks, and evolves its detection capabilities**.

**What are we looking for?**

We seek **cybersecurity specialists with blue team and CSIRT experience**, who are passionate about **analyzing attacks from the adversary’s perspective**, understanding patterns and techniques, identifying weak signals, improving them, and who aim to **elevate detection beyond basic rules or reactive approaches**.

**Key Requirements**

* Technical education (Computer Engineering, Telecommunications, or equivalent) or equivalent experience.
* **Practical experience in SOC / CSIRT / CERT or threat detection environments**, interacting with monitoring and detection platforms.
* Solid knowledge of:
  + **Threats, attack techniques and tactics (TTPs)** and their practical application to detection.
  + Operating system (Windows/Linux) and network functionality.
  + Security event management and analysis.
* Experience working with platforms such as:
  + **SIEM**.
  + **EDR / XDR**.
  + **NDR / traffic and behavioral analysis**.
* Ability to:
  + Analyze campaigns and incidents to **enhance existing detections**.
  + Define and refine **high-value detection use cases**.
  + Validate the effectiveness of detections created by internal teams or external vendors.
* Good level of **technical English**, in a global environment.

**We especially value additional experience in:**

* Design and integration of **complex cybersecurity architectures**.
* **Threat hunting** and behavior-based detection.
* Design of **risk- and business-aligned detection strategies**.
* Use of **threat intelligence** to improve detections.
* Automation and enrichment of detections (SOAR, scripting).
* Cloud, hybrid, or OT environments.
* Technical certifications (GIAC, GCED, GCTI, OSCP, CISSP, etc.).
* Ability to translate technical *findings* into **sustained improvements to the detection model**.

**What do we offer?**

* Join an internationally present company with over 40.000 employees.
* Grow within a world-leading renewable energy company committed to fighting climate change.
* Competitive salary, social benefits, and work-life balance measures.
* Year-round continuous working hours, with flexible start and end times.
* Work in a dynamic, highly qualified team engaged in innovative projects.
* Onboarding program and training period to get to know the company globally.
* Access to continuous training programs at the Iberdrola Campus.

*At Iberdrola, diversity, equity, and inclusion are essential pillars of our daily operations. We take pride in being a company where equal opportunities exist and where all individuals are welcomed, valued, and respected—regardless of gender, disability, race, religion, sexual orientation, age, marital status, nationality, or gender identity.*

**Publication End Date:** 31-05-2026


