Cyber Threat Detection Analyst

Cyber Threat Detection Analyst - SGTO

Boadilla del Monte, Spain

**WHAT YOU WILL BE DOING**

**SGTO is looking for a THREAT DETECTION ANALYST, based in our BOADILLA DEL MONTE office.**

**WHY YOU SHOULD CONSIDER THIS OPPORTUNITY**

**Santander Global Technology & Operations (SGTO) **is the team of technology and operations at Santander. We are convinced of the importance of technology that is aligned with the requirements of the business and that out work not only brings value to users, people and communities but also fosters individual creativity. Our team of over 2,000 people in 7 countries (Spain, Portugal, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular among others) on all kinds of on-premise and cloud-based platforms.

Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to contribute to help more people and business prosper.

**WHAT YOU WILL BE DOING**

As a **Threat Detection Analyst, **you will be in charge to create and maintain detection mechanisms through different technologies in order to combat advanced threats.

We need someone like you to help us in different fronts:

- Creation/Development of Use Cases to feed SOC (Security Operation Center) and correlation rules into various SIEM products.
- Development of cloud specific detection capabilities.
- Maintain Data Dictionaries on SIEM
- Ensure Data Ingestion quality
- Development of Cyber Dashboards
- Create technical documentation around the Cyber content deployed in the SIEM
- Understanding of internal and external Threat scenarios and how to identify these threats within the environment.

EXPERIENCE
- 3+ years of experience in Information technology, cybersecurity and SIEM.
- Excellent Knowledge on Data analysis of event Logs, Logging standards and data normalization.
- Firewalls, Antivirus, Intrusion systems, Authentication systems, malware detection, WAF, proxy, Windows, Unix, etc.
- Understanding of Cyber Security Operation
- Experience Azure and AWS - (Desirable)

EDUCATION
- Degree: Information Technology, computer science, computer engineering, network technology or similar.

SKILLS & KNOWLEDGE
- Knowledge of Splunk search processing language (SPL)
- Knowledge in Microsoft Sentinel SIEM, knowledge in Log Management knowledge on Cloud Environments

Desirable certifications:

- Splunk Certifications and Courses
- SIEM Related Courses**WHAT WE ARE LOOKING FOR**

EXPERIENCE

EDUCATION

COMPETENCIES

Accuracy and Attention to Detail (Working Knowledge), Attacker TTPs Trends (Extensive Experience), Computer Crime (Working Knowledge), Computer Network Defense (Working Knowledge), Decision Making and Critical Thinking (Working Knowledge), Digital Threat Management (Extensive Experience), Encryption Technologies (Working Knowledge), Endpoint Security (Working Knowledge), Flexibility and Adaptability (Working Knowledge), Information Capture (Working Knowledge), Information Security Architecture (Working Knowledge), Information Security Audits (Working Knowledge), Information Security Technologies (Working Knowledge), Initiative (Working Knowledge), Intrusion Detection and Prevention (Working Knowledge), Network and Internet Security (Working Knowledge), Predictive Analytics (Extensive Experience), Teamwork (Working Knowledge), Technical Writing/Documentation (Working Knowledge), Vulnerabilities Assessment (Working Knowledge)