.With more than 3200 employees worldwide, 32 locations around the world and 4 business units, the Kudelski Group offers endless opportunities for people to start new journeys, grow and succeed.SHAPE THE FUTURE WITH US!Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.Location: Madrid, SpainMissionAs part of the Kudelski Security's Managed Detection and Response (MDR) department, the Cyber Security Operations Engineer is responsible for delivering to our clients customized MDR services experience which complement its standard service offering. He will be the privileged liaison between the client and the Cyber Fusion Center for all security operations matter. He will be interacting intensively within the Cyber Fusion Center and with the client staff.ResponsibilitiesThreat MonitoringBe the main point of contact of the Cyber Fusion Center at the client's side.Support standard Cyber Fusion Center activities such as threat Monitoring, security service management, endpoint detection and Response, vulnerability scanning services.Investigate/Remediate incident escalated by the Cyber Fusion Center or Client's internal units.Write specific incident response playbooks for the Client.Define, test, deploy or perform specific use cases and correlation rule, threat hunting activities and threat intelligence activities for the client.Service improvementPerform rules tuning of client SIEM in operation.Support rules factory program in improving the global set of detection.Qualify, analyze, and provide recommendations for new standard data source requests.Support Product teams to build best new services to fit with Operations capabilities.Contribute to client's security projects.Implement new tools or scripts to increase security operations' efficiency.General responsibilitiesTake responsibility for customer satisfaction and overall success of managed services.Recommend improvements for Standard Operating Procedures.Propose enhancement on tools and workflow.Document actions in tickets to effectively communicate information internally and to customers.Adhere to policies, procedures, and security best practices.Requirements / ProfileYou have:Minimum 3 years' experience in information security, particularly in cyber operations.Knowledge of incident response processes (detection, triage, incident analysis, remediation, and reporting).Experience with one or more of the following technologies: EDR/NGAV, SIEM (Splunk), Vulnerability Scanning, Managed Attacker Deception, SOAR.Experience reviewing and analyzing log data, network packets capture.Strong knowledge of Windows/Linux OS, network protocols, scripting languages
