SOC Analyst

Barcelona, Spain

Location: Hybrid / Remote
Employment: Full-time
Team: DRTI

ABOUT DEFION SECURITY

At DEFION, we have been protecting organizations with advanced cybersecurity solutions since 2005. We are specialists in incident response, digital forensics, managed security services, threat intelligence, and offensive security projects (Red & Purple Team).

Our technical team is made up of highly qualified professionals with real experience in complex and critical environments. We work with cutting-edge technology, agile methodologies, automation, and a collaborative approach that boosts both technical and professional growth.

With an international presence and in full expansion of our MDR and MTI services, at DEFION we are looking for profiles with experience in monitoring and analyzing security alerts (EDR/SIEM). Here, you won’t just categorize alerts: you will investigate thoroughly to determine their origin and impact, apply threat intelligence, and carry out mitigation actions to provide the initial response to incidents.

If cybersecurity is your passion and you enjoy investigating threats, we are looking for you.

FUNCTION & RESPONSIBILITIES

As a SOC Security Analyst, you will join the DRTI team for our MDR (Managed Detection and Response) and MTI (Managed Threat Intelligence) services, playing a key role in threat detection, analysis, and mitigation. Your responsibilities will include:

  • Monitoring and analyzing security alerts in EDR/SIEM platforms, identifying suspicious activity and performing an initial assessment of the origin and scope of threats.
  • Analyzing threat intelligence to anticipate potential attacks against our clients.
  • Responding to detected threats, containing and applying mitigation measures to minimize impact.
  • Creating reports and drafting notifications that communicate analysis findings and recommendations for the client.
  • Collaborating on improving detection rules to optimize detections and reduce false positives.
  • Contributing to the development of procedures and playbooks.
  • Automating tasks and processes through scripting in PowerShell, Python, or Bash.
  • Participating in client meetings, both for ongoing reviews to provide insight into analyzed alerts and for onboarding to support initial deployment and configuration.

REQUIREMENTS

  • Degree in Engineering, Cybersecurity, or related field, or demonstrable equivalent academic or professional experience.
  • At least 1 year of experience analyzing security alerts in SIEM and/or EDR platforms such as CrowdStrike, Microsoft Sentinel, Cortex, Splunk, Elastic ELK, LogRhythm, QRadar, Chronicle, or Wazuh, among others.
  • Knowledge of Windows and UNIX/Linux systems administration.
  • Solid understanding of networks and communication protocols, including TCP/IP, DHCP, DNS, and other fundamental protocols.
  • Scripting skills (Bash, Python, PowerShell) to automate tasks and develop tools.
  • Analytical and logical thinking, with the ability to correlate events, detect attack patterns, and solve complex problems efficiently.
  • Attention to detail and a proactive mindset, capable of identifying anomalies and critically analyzing security alerts.
  • Organizational and teamwork skills.
  • Ability to communicate clearly and effectively in English in technical environments and with international teams.
  • Availability to participate in a 24/7 on-call rotation, ensuring fast and effective response to critical alerts.
  • Specialized training such as cybersecurity certifications or master's degrees will be a plus.

WHAT WE OFFER

  • Being part of an international, young, and dynamic team with an excellent work environment.
  • Close collaboration with the Red Team and Blue Team to stay up to date on real attacks and the latest adversarial techniques, as well as access to different detection technologies such as EDR, SIEMs, threat intelligence, and other security tools.
  • Continuous training, both internal and external, to keep you always up to date (certifications and attendance at annual conferences).
  • Personalized career development plan tailored to your interests and growth, ensuring your professional progression within the company.
  • Flexibility for remote work or access to comfortable offices in a central location in Barcelona.
  • Work–life balance benefits.
  • Summer reduced-hours schedule.
  • Flexible Compensation Plan, including benefits such as meal card, transport, childcare, and training.
  • Private health insurance.
