Senior Incident Response
12 hours ago
Barcelona
At Q-tech, we are currently looking for a Senior Incident Response to join the Technology Hub of one of our key retail clients, with offices located in Barcelona. The following information provides a summary of the skills, qualities and qualifications required for this position. This is an opportunity to join an international, highly technical environment with global impact.

MISSION
Lead advanced incident response activities within a mature SOC. This is a hands-on technical role focused on real investigations, continuous improvement, and end-to-end incident management.

RESPONSIBILITIES
• Coordinate and communicate security incidents across teams and countries.
• Manage the full Incident Response lifecycle (detection, analysis, containment, and remediation).
• Reconstruct cyberattacks and perform malware analysis.
• Develop and enhance detection mechanisms.
• Conduct IT forensic investigations (timeline reconstruction and artifact analysis).
• Prepare technical and executive-level incident reports.
• Advise internal projects on security-related matters.
• Monitor the global threat landscape and provide actionable recommendations.

REQUIREMENTS
• 5+ years of experience in Incident Response handling medium to critical incidents.
• Hands-on experience in triage, containment, and end-to-end remediation.
• Experience collaborating with IT, Engineering, Legal, Cloud Operations, and Escalation Management teams.
• Degree in IT or equivalent education.
• High level of English (minimum B2).
• Advanced experience with SIEM (preferably Splunk), SOAR platforms, and EDR solutions.
• Strong understanding of offensive techniques and defensive technologies.
Frameworks & Standards
• ISO 27001
• NIST Cybersecurity Framework
• BSI Grundschutz
• ITIL
• OWASP
• MITRE ATT&CK

Technology Stack
• SOAR / Ticketing: Fortinet FortiSOAR
• Malware Sandbox: VMRay Sandbox, Any.Run, VirusTotal
• M365 Security: Microsoft Defender (Endpoint, Identity, Cloud Apps, Office)
• Threat Intelligence: MISP, Recorded Future, DFIR Report
• Digital Forensics: Timesketch, Magnet AXIOM
• SIEM: Splunk (preferred) + enterprise EDR

NICE TO HAVE
• Advanced digital forensics (Windows, macOS, Linux, cloud).
• Incident Response experience in cloud environments (native logging, identity investigations).
• Application security and SaaS threat knowledge.

WHAT THEY OFFER
• Permanent contract.
• Fixed morning shift (Monday to Friday, 05:45–14:00, no rotations) or fixed afternoon shift (14:00–22:00, no rotations).
• €2,700 annual flexible compensation (meal vouchers and transportation).
• Private health insurance.
• Remote work allowance.
• Up to €300 annual wellbeing reimbursement for sports activities.
• Opportunity to join a consolidated international Cyber Defense Center.
• Highly technical role focused on real investigation work.
• Strong learning and continuous training culture.
• Real growth opportunities within a global cybersecurity organization.

If you are looking for an international, technical environment with real impact in defending a global organization, this role is for you.