Threat Detection Analyst
Boadilla del Monte, Spain
WHAT YOU WILL BE DOING
SANTANDER TECHNOLOGY & OPERATIONS is looking for a Cyber Threat Analyst, based mainly in MADRID.
WHY YOU SHOULD JOIN US
At Santander, you can be part of one of the largest transformations the world is experiencing in the past several decades.
The emergence of disruptive platforms as a business model has reshaped other industries and is poised to do the same in financial services.
We are transforming our Technology function, with 500+ new hires planned for this 2020.
We are looking for professionals like you, with the skills and competencies required for the development of digital solutions for the creation, implementation, and evolution of the new Global Platforms required for Santander Group all over the world.
And on top of a meaningful job, we care about you.
At Santander, this means creating a workplace that respects your individuality and supports you to enjoy life outside work.
You will enjoy flexible working conditions, a global well-being program, BeHealthy, and will be entitled to spend a certain number of hours each month volunteering.
WHAT YOU WILL BE DOING
Identify unknown cyber threats within the Santander Group using search techniques on data lakes and SIEMs.
Correlate threat actor profiles and TTPs to attack vectors to develop new use cases or hypotheses for hunting campaigns.
Understand internal and external Threat Scenarios.
Conduct and lead threat modeling exercises in the team.
Conduct analysis of the incoming threat intelligence feeds vs. impact.
Recommend changes on security alerts on SIEM and Security Platforms.
Create improvements in processes such as Threat Hunting, use-cases and threat modeling, etc.
Assure quality on junior colleagues' activities.
Report important events to relevant parts.
WHAT YOU NEED TO BRING EXPERIENCE & EDUCATION
2+ years of experience in Information technology and cybersecurity.
University Degree in related areas (computer science, computer engineering, network technology or similar).
Fluent in English and Spanish written and spoken.
SKILLS & KNOWLEDGE
Excellent knowledge of SIEM searching languages (Splunk or Microsoft Sentinel).
Excellent knowledge of the main attack vectors, methods, and techniques (previous red teamer experience is a plus).
Good knowledge of security platforms (IPS, IDS, EDR, AV, WAF, etc.
).
Strong knowledge of network data analysis.
Strong knowledge of network communication protocols such as TCP/IP stack, SMTP, SMB, HTTP.
Strong knowledge of cloud models, platforms and related threats (Azure and AWS).
Skills in scripting languages (Python, Javascript, PowerShell, etc.
).
Knowledge of vulnerability and risk analysis.
Strong knowledge of Linux, Windows system internals.
Demonstrated relevant experience as a key member of a threat detection, hunting, incident response, malware analysis, or similar role.
Tangible experience combatting crimeware or APT is a distinguishing factor.
#J-18808-Ljbffr