- Proven, extensive experience (e.g., 5+ years) working in a Security Operations Center or a similar cybersecurity role
- Expert-level proficiency with Microsoft Sentinel, including analytics rules, SOAR playbooks and custom workbooks
- Mastery of Kusto Query Language (KQL) for advanced threat hunting, complex data analysis and creating sophisticated detection rules
- In-depth, hands-on experience with the Microsoft 365 Defender suite, Sentinel, especially Microsoft Defender for Endpoint (MDE) for threat and vulnerability management, EDR investigation and response actions
- Deep understanding of modern attack vectors, MITRE ATT&CK framework and cyber kill chain methodologies
- Strong knowledge of networking protocols, operating system internals (Windows/Linux) and cloud security principles (especially Azure)
- Demonstrated ability to lead complex incident investigations from detection to resolution
- Excellent communication skills and the ability to mentor junior analysts
- Fluent in English (C1 level preferred) English- B2
- Work experience in SOC (Security Operations Center)
- Experience in working with SIEM tooling (Security information and Event Management)
- Programming, scripting and/or data management skills
- Professional certifications such as Microsoft SC-200, AZ-500, CISSP, GCIH, or GCIA
- Higher education
- Ability to make decisions independently
- Ability to work in a group
- Ability to work under time-pressure
- Willingness to take up working in shifts
- Experience with other components of the Microsoft security stack (Microsoft Defender for Identity, Defender for Cloud Apps)
- Experience with other cloud platforms (AWS, GCP)
- Experience integrating threat intelligence platforms (TIPs) with a SIEM
- Security event analysis (scenario-based)
- Anomaly detection
- Product maintenance and development
We are looking for a talented and enthusiastic Junior Security Analyst to join our team within the new Hubs Spain (based in Madrid). Security Analytics is great place for learning and gaining experience in the Security field, which is considered one of the most prestigious areas in IT.
Team’s tasks include performing the analysis of security events as well as anomalies’ detection on the infrastructure, application and network levels. The main objective of the team is to detect incidents and ensure the ING Group’s security, while constantly engaging in the process of improving the quality and effectiveness of provided services.
Report job
