Cyber Threat Detection Analyst Level 3 - Santander Digital Services
WHAT YOU WILL BE DOING
SANTANDER DIGITAL SERVICES is looking for a CYBER THREAT HUNTER based in our BOADILLA DEL MONTE office.
WHY YOU SHOULD CONSIDER THIS OPPORTUNITY
Santander Digital Services (SDS) is the technology and operations team at Santander. We are convinced of the importance of technology that is aligned with the requirements of the business, and that our work not only brings value to users, people and communities but also fosters individual creativity. Our team of over 7,000 people in 8 countries (Spain, Portugal, Poland, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular, among others) on all kinds of on-premise and cloud-based platforms.
Santander is proud to be an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to help more people and businesses prosper. We embrace a strong risk culture, and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.
WHAT YOU WILL BE DOING
As a Cyber Threat Detection Analyst - Level 3, you will be responsible for deeper investigations of cases escalated within the global SOC. You will carry out technical activities, including the investigation of possible security incidents using a broad range of platforms and overseeing SIEM use cases in their staging and testing phases.
You will partner with threat detection engineers to implement and improve use cases and playbooks that enhance security monitoring, investigation, and response.
We need someone like you to help us on different fronts:
- Conduct multi-step investigative analysis of alerts to trace the dynamic indicators associated with threats.
- Perform investigation and escalation for complex or high severity security threats or incidents.
- Work with other threat detection engineers to help refine correlation rules.
- Provide recommendations for playbook improvements.
- Gather relevant data to support incident handlers on escalated cases.
- Support other global SOC analysts.
- 2+ years of experience in information technology or cybersecurity.
- Proven experience with SIEM technology, Splunk Search Processing Language (SPL) and EDR tools.
- Experience with incident handling and SOC operations.
- Understanding of incident response processes and frameworks.
- Degree in information technology, computer science, computer engineering, network technology or similar.
SKILLS & KNOWLEDGE
- Knowledge of security tools such as firewalls, antimalware, intrusion detection systems, authentication systems, malware detection, WAF and proxies.
- Knowledge of cloud environments; experience with Azure and AWS.
- Advanced knowledge of Windows and Unix-based operating systems.
- Fluent in English and Spanish.
Desirable certifications:
- Splunk Certifications and Courses
- SIEM Related Courses
- Networking certifications (CCNA, etc.)
Certifications are desirable but not mandatory; knowledge and experience matter more to us.