L2 Senior SOC Analyst

Imagine being part of one of the most successful IT companies in Europe. Turn imagination into reality and apply for this exciting career opportunity in Devoteam.  

L2 SENIOR SOC ANALYST

We are seeking an L2 Senior SOC Analyst for our Security Operations Center (SOC), with solid experience in SIEM/SOAR solutions, especially Google SecOps, as well as Microsoft and AWS ecosystems. The ideal candidate will have extensive experience in creating threat detection use cases, and deep knowledge of EDR/XDR technologies and networks/communications.

Main Responsibilities

• Monitor, analyze, and respond to security alerts using various SIEM/SOAR tools, with special emphasis on Google SecOps
• Conduct second-level investigations on security incidents, detecting patterns of malicious behavior
• Develop, implement, and optimize use cases to improve detection capabilities
• Manage and fine-tune rules in SIEM solutions and EDR/XDR detection tools
• Analyze security telemetry data from Microsoft, AWS, and other environments
• Perform root cause analysis for complex security incidents
• Document procedures, findings, and incidents in detail
• Provide support and guidance to L1 analysts
• Participate in continuous improvement of incident response processes and procedures
• Collaborate in the automation of repetitive security tasks

Technical Requirements

• Demonstrable experience (3+ years) in SOC operations, preferably at L2 level
• Deep knowledge and hands-on experience with Google SecOps (Chronicle, SOAR)
• Extensive experience in other SIEM/SOAR solutions (Splunk, QRadar, Azure Sentinel, etc.)
• Strong experience in Microsoft environments (Microsoft 365 Defender, Azure Security Center, Windows Event Logs)
• Knowledge of AWS security (GuardDuty, Security Hub, CloudTrail)
• Hands-on experience with EDR/XDR solutions (CrowdStrike, SentinelOne, Cortex XDR, etc.)
• Solid knowledge of networks (TCP/IP, firewalls, IDS/IPS, network protocols)
• Experience in developing and implementing use cases for threat detection
• Knowledge of query languages and data analysis (KQL, SQL, SPL, etc.)
• Experience in scripting and automation (Python, PowerShell, Bash)

Valued Certifications

• Relevant certifications such as: GCIA, GCIH, CompTIA Security+, Certified SOC Analyst (CSA), AWS Security, Azure Security
• Specific certifications in SIEM/SOAR platforms (Google SecOps, Splunk, etc.)

Complementary Skills

• Analytical and complex problem-solving abilities
• Excellent written and verbal communication skills in local and English languages
• Professional and effective client interaction capabilities
• Task and project management skills
• Ability to work under pressure and manage multiple priorities
• Experience in planning, organizing, and tracking security initiatives
• Meticulous attention to detail
• Proactive mindset and oriented towards continuous improvement
• Ability to work in a team and share knowledge

Contract Type & Location

• Full time
• Hybrid work arrangement based in Barcelona (Spain)
• Office presence required twice per week

What you can look forward to:

• A challenging and exciting career with an international perspective and opportunities
• High level of trust and competency to make your own decisions
• A warm and talented culture with a focus on business, but knowing that family always comes first
• Access to international network of specialists within the organization to build your rep and skills

At Devoteam we have created a culture of honesty and transparency, inclusion, and cooperation which we value a lot. We are looking for colleagues, who are highly motivated and proactive, not afraid of challenges. We are highly invested in the career path development of our employees, and we offer and support possibilities for further training, certification, and specialization.