Treball Enginyer de Ciberseguretat Linux en 28040 Madrid

INECO busca un perfil de Threat Hunter (Ciberseguridad ) para un cliente con nosotros en la administración pública. Rol: Threat Hunter (Ciberseguridad) FUNCIONES: Realizar 'threat hunting' para informar y proteger al cliente - Gestión del motor de gestión de amenazas (threat engine): * Revisión diaria de indicadores de alertas del motor de amenazas e indicadores de compromiso. * Configuración de reglas del sistema. - Análisis diarios de amenazas y recopilación de fuentes de ciberinteligencia. * Identificación de nuevas vulnerabilidades críticas y análisis de aplicación. - Apoyo en investigación de ciberataques. - Definición de reglas para identificación de malware REQUISITOS: Dos (2) años de experiencia en el ámbito TIC. Un (1) año de experiencia en ciberseguridad. Threat Hunting y análisis de malware. Detección de anomalías, vulnerabilidades y técnicas de ataque. Experiencia en SIEMs (herramientas de correlación de logs) como Microsoft Sentinel, QRadar o Splunk. Análisis eventos de seguridad y LOGs. Gestión de alertas y escalado de incidentes. Conocimientos de Windows Deseable: Pen testing y hacking ético. Conocimientos de herramientas de análisis de malware. Conocimientos de reglas SIGMA, SNORT o YARA. Conocimientos de otras plataformas: Linux/Mac/Android. Condiciones Laborales: Lugar de Trabajo: Madrid, España. Tipo de Contrato: Determinado. Salario: A convenir de acuerdo a la experiencia.

The Swiss Financial Center combines expertise and technology, enabling businesses to thrive here and abroad, processing billions of transactions every day. And SIX/BME is right at the center of it. Do you want to become part of a dynamic team, which protects this ecosystem? We are seeking a highly skilled Cybersecurity Engineer to join our team. This role is crucial for maintaining and advancing our cybersecurity posture by engineering and optimizing our security tools and systems. The ideal candidate will have deep expertise in security tools such as Endpoint Detection and Response (EDR), Security Orchestration, Automation, and Response (SOAR), Threat Intelligence Platforms (TIP), and sandbox environments. The Cybersecurity Engineer will collaborate with cross-functional teams to implement, maintain, and improve security measures that protect our organization from cyber threats. What You Will Do Security Tool Engineering: Design, deploy, configure, and maintain cybersecurity tools including EDR, SOAR, TIP, and sandbox environments to enhance our security operations. This includes the engineering, deployment, and configuration of the SOAR platform, ensuring its seamless integration with other security tools and systems. Threat Intelligence: Integrate and manage Threat Intelligence Platforms (TIP) to ensure accurate and timely information is available for threat detection, hunting, intel and response activities. Sandbox Analysis: Deploy and manage sandbox environments for malware analysis, ensuring that threats are accurately identified. Tool Optimization: Continuously assess and improve the effectiveness of security tools, ensuring they are aligned with current threat landscapes and organizational needs. Collaboration: Work closely with IT, SOC, and other cybersecurity teams to ensure that tools and processes are aligned with the broader security strategy. Documentation & Reporting: Maintain detailed documentation of security tools, configurations, and procedures. Provide regular reports on the effectiveness and utilization of security tools What You Bring Bachelor's degree in Computer Science, Information Technology, or a related field Proficiency in Linux operating systems (e.g., CentOS, Ubuntu, Red Hat). Over three (3) years of proven experience with EDR, SOAR, Sandbox & TIP tooling (i.e MDE, Tanium, XSOAR, Anomaly, MISP, etc) Experience with using GitLab is a plus Python coding knowledge for automation is a plus Excellent analytical and problem-solving skills, with the ability to troubleshoot and resolve complex technical issues while working effectively in a team-oriented environment Excellent verbal & writing skills with English is a must Willingness to be on-call rotations What We Offer Flexible Work Models: We trust our employees and offer a work environment that is well-balanced, productive and fosters success. Personal Development: You will benefit from a culture of continuous learning and feedback. Your personal growth is supported through an extensive learning offering. Agile Working Methods: Whether through scrum or design thinking, we solve exciting tasks together in teams. Diversity is important to us. Therefore, we are looking to receiving applications regardless of any personal background. Upload your CV in English.

The Swiss Financial Center combines expertise and technology, enabling businesses to thrive here and abroad, processing billions of transactions every day. And SIX/BME is right at the center of it. Do you want to become part of a dynamic team, which protects this ecosystem? We are looking for a Cyber Security Engineer to join our growing global team. As a member of the team in the cybersecurity organization, you apply your technical know-how to drive log ingestion, aggregation and processing capabilities for our security and operational monitoring with a security-first mindset. You will play an active role supporting the SIEM and operational monitoring by providing real-time log shipping, streaming, parsing, normalization and enrichment of the data. You work hand-in-hand with our internal customers and technology partners to engineer our security stack, increase the level of automation, and evaluate improvements as well as new technologies. What You Will Do Identify and support the onboarding of new data sources Develop and maintain efficient pipelines for various log types Design and implement data parsing and transformation for accessibility Assist stakeholders in accessing and using data. Troubleshoot queries and provide technical support Create and maintain documentation, including configuration guides and SOPs Manage the ELK Enterprise stack and complementary components What You Bring Experience with ELK (Elasticsearch, Kibana and Logstash), NXlog & Kafka Proficiency CI/CD using GitLab and Terraform. Python coding knowledge for automation Bachelor's degree in Computer Science, Information Technology, or a related field Certifications or technology work experience (e.g., Red Hat, Elastic, Splunk, etc) is a plus Excellent verbal & writing skills with English is a must Willingness to be on-call What We Offer Flexible Work Models: We trust our employees and offer a work environment that is well-balanced, productive and fosters success. Personal Development: You will benefit from a culture of continuous learning and feedback. Your personal growth is supported through an extensive learning offering. Agile Working Methods: Whether through scrum or design thinking, we solve exciting tasks together in teams. Diversity is important to us. Therefore, we are looking to receiving applications regardless of any personal background. Upload your CV in English.