.Cyber Detection and Response - SIEM Analyst - EY GDS Spain - Hybrid As an integral part of our dynamic team, you will engage in a wide spectrum of project-based work encompassing areas such as design, deployment, consultancy, modifications, and incident response. It is imperative to acknowledge that the nature of these projects is highly diverse and will require a flexible mindset and readiness to adapt. Your involvement in these projects will be carefully considered, taking into account both your unique skill set and your openness to embrace varied assignments. Your key responsibilities: As a valued member of the Cybersecurity Detection & Response team, you will be actively involved in a diverse array of projects, tailored to align with our clients' requirements as well as your professional expertise. Additionally, your participation will extend to contributing to the strategic development and expansion of the Cybersecurity Detection & Response (CDR) team. Skills and attributes for success: Experience in at least one of the leading SIEM solutions on the market (Microsoft Sentinel, Splunk, Elasticsearch, Google Chronicle) Good knowledge of distributed IT environments, preferably hands-on experience in major Cloud Infrastructures (Microsoft Azure, Amazon Web Services, Oracle Cloud Infrastructure, Google Cloud Platform) Advanced skills in Linux (RedHat, Debian) and Microsoft Windows operating systems security Familiarity with cybersecurity frameworks and threat models (MITRE ATT&CK, Cyber Kill Chain, STRIDE) Familiarity with cybersecurity standards (ISO27001, NIST, CSIRT, CISA) Good understanding of TCP/IP networks and deployment models (cloud, hybrid and on-premises) Familiarity with High Availability technologies and other resilience solutions Documentation skills, including creating and reviewing policies, procedures, SOPs, playbooks, and post-implementation documents Proficiency in English at the C1 level Willingness and preparedness for travel as required by project needs Ideally, you'll also have: Scripting knowledge (Python, Bash, PowerShell) Modern virtualization solutions (Kubernetes/OpenShift/Docker, KVM, VMWare) Familiarity with security automation tooling and DevSecOps paradigm Familiarity with OT/ICS and Zero-Trust reference architecture Preferably holding one of the relevant Microsoft (MS) certifications (e.G. SC-200, MS-500, AZ-500); and industry standard certifications (e.G. CISSP, SSCP, CCSP, CISM, ECSA) Experience in people management roles Proficiency in AI and machine learning applications, with experience utilizing Copilot. Experience in writing or assisting in the Requests for Proposals process What we offer: Continuous learning: You'll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way