Defensive Security

SOC Analyst.

Location: Spain (Hybrid/Remote, Barcelona)
Employment: Full-time
Team: MDR / SOC

You do not just categorize alerts. You investigate, trace back to the source, assess impact, and respond. At DEFION's Barcelona SOC, every threat gets the attention it deserves.

About the role

Investigate, respond, protect

DEFION's MDR and Managed Threat Intelligence services are expanding internationally. As a SOC Analyst in Barcelona, you join the DRTI team to detect, analyze, and mitigate cyber threats for our clients. You work with CrowdStrike, Microsoft Sentinel, and other leading SIEM/EDR platforms.

This is not a checkbox role. You will investigate alerts thoroughly, apply threat intelligence to anticipate attacks, contain threats, and write clear reports with actionable recommendations. You collaborate with Red Team, Blue Team, and detection engineers to keep getting better.

What you will do

  • Monitor and analyze security alerts in EDR/SIEM platforms, identifying suspicious activity and assessing origin and scope
  • Analyze threat intelligence to anticipate potential attacks against clients
  • Respond to detected threats: contain, mitigate, minimize impact
  • Write reports and client notifications with clear findings and recommendations
  • Improve detection rules, develop procedures and playbooks, automate tasks with scripting
  • Participate in client meetings for ongoing reviews and onboarding support

What you bring

Must have:

  • At least 1 year of experience analyzing security alerts in SIEM and/or EDR platforms (CrowdStrike, Sentinel, Cortex, Splunk, Elastic, etc.)
  • Knowledge of Windows and Linux system administration
  • Solid understanding of networks and protocols: TCP/IP, DHCP, DNS
  • Scripting skills in Bash, Python, or PowerShell
  • Analytical thinking: ability to correlate events, detect attack patterns, and solve complex problems
  • Clear communication in English for international collaboration
  • Availability for 24/7 on-call rotation

Nice to have:

  • Cybersecurity certifications or a master's degree
  • Degree in Engineering, Cybersecurity, or related field

What we offer

Why you will love working here

Red + Blue access

Collaborate with Red Team and Blue Team. Access EDR, SIEMs, threat intel, and other tools.

Continuous training

Internal and external training, certifications, and annual conference attendance.

Career plan

Personalized development plan tailored to your interests and growth trajectory.

Barcelona or remote

Flexible remote work or a central Barcelona office. Reduced hours in summer.

Health + flex benefits

Private health insurance, flexible compensation plan (meals, transport, childcare, training).

International team

Young, dynamic, international team. Excellent work environment and work-life balance.

Apply now

Send your CV and motivation. We respond within 3 business days.

By applying you agree to our privacy policy.