Threat Detection Analyst

Threat Detection Analyst - Santander Digital Services

Country: Spain

**WHAT YOU WILL BE DOING**

**SANTANDER DIGITAL SERVICES is looking for a Threat Detection Analyst **based in our Boadilla del **Monte (MADRID) office.**

**WHY YOU SHOULD CONSIDER THIS OPPORTUNITY**

**Santander Digital Services (SDS) **is the team of technology and operations at Santander. We are convinced of the importance of technology that is aligned with the requirements of the business and that out work not only brings value to users, people and communities but also fosters individual creativity. Our team of over 7,000 people in 8 countries (Spain, Portugal, Poland, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular among others) on all kinds of on-premise and cloud-based platforms.

Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to contribute to help more people and business prosper. We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

**WHAT YOU WILL BE DOING**

With the increasing need for advanced defense to protect the organization there is a requirement for talented and motivated people to join an expanding Cyber Security team. This team works with the latest and best technology to combat advanced attackers, making the organization and its customers safer.

Your work will involve writing structured queries against large datasets of endpoint and network telemetry, as well as building custom threat detection tooling and frameworks. Analyze Threat modeling exercises or output of adversary emulation processes executed to identify novel detections and validate the effectiveness of our threat detection posture. Your output will be detection mechanisms that provide comprehensive coverage of both known and unknown threats.

As a **Threat Detection analyst **, you will be responsible for:

- Creating/Developing and maintaining Advanced correlation rules and use cases to feed SOC (Security Operation Center) into various SIEM products.
- Developing cloud specific detection capabilities - Continuously optimize Cyber Security Use Cases capabilities.
- Development of Dashboards in several platforms - Understanding of internal and external Threat scenarios and how to identify these threats within the group.
- Conducting threat modelling exercises into the SIEM.
- Creating improvements in related processes.
- Creating technical documentation around the Cyber content deployed in the SIEM.

EXPERIENCE
- 2+ years of experience in Information technology and Cybersecurity.

EDUCATION
- University Degree in related areas (computer science, computer engineering, network technology or similar).

SKILLS & KNOWLEDGE
- Understanding of Cyber Security Operation.
- Excellent Knowledge on Data analysis and parsing of event Logs, Logging standards and data normalization.
- Excellent knowledge of SIEM searching languages (Splunk (SPL) or Microsoft Sentinel (kusto).
- Strong knowledge on regular expressions Good knowledge on security/General platforms (Proxy, IPS, EDR, AV, WAF, Firewall, Windows etc.).
- English B2.
- Desired knowledge on Cloud Environments Experience Azure and AWS.
- Skills on scripting languages (Python, Javascript, powershell, etc.).
- Desired certifications: Splunk Certifications and Courses and/or Microsoft Azure Sentinel Course.