Remotery

Level 1 Security Operator – SOC

Posted Jun 5

This is a fully remote position, open to applicants in Spain.

📋 Description

• You will be responsible for the early detection, initial analysis (triage), and operational management of alerts and incidents, ensuring comprehensive documentation and escalation to Level 2 according to established procedures and SLAs.

• You will work with various technologies (SIEM, EDR/XDR, perimeter security, email, proxy, etc.) and apply playbooks to ensure a rapid, consistent, and traceable response.

• Real-time monitoring of alerts and security events in SIEM and associated consoles.

• Classification and prioritization of events (true positive / false positive / benign / informational) with appropriate criteria and context.

• Initial triage: analysis of evidence, validation of impact, scope, and urgency (as per procedures).

• Opening, documenting, and updating security tickets with quality (timeline, evidence, actions, and conclusions).

• Execution of standard actions defined in playbooks: blocking IP/URL/domain, endpoint isolation, basic containment, etc. (according to permissions and procedures).

• Structured escalation to Level 2 / specialist teams (IT, networks, systems) when appropriate, including technical context and recommendations.

• Participation in continuous improvement: proposals for adjusting playbooks, reducing noise, enhancing documentation, and improving service quality.


⛳️ Requirements

• Minimum experience: 6–12 months in SOC, monitoring, security support, incident response, or equivalent intensive internships with shifts and use of tools.

• Demonstrable knowledge of: Windows operating systems (events, processes, services) and fundamentals of Linux.

• Networking: TCP/IP, DNS, HTTP/HTTPS, proxy, VPN, segmentation concepts, and basic troubleshooting.

• Fundamentals of cybersecurity: types of malware, phishing, common intrusion techniques, triage, and containment.

• Proficiency in tools (at least one, at an operational level): SIEM (searches, filters, dashboards, basic correlations) and/or EDR/XDR (endpoint telemetry, isolation, basic analysis).

• Documentation skills: clear and organized writing of tickets, evidence, and technical conclusions.

• Availability for 24x7 shifts: weekly rotation (morning/afternoon/night), 5 days/week, including weekends and holidays as planned.

• Experience following operational procedures, SLAs, and escalation models.

• Teamwork and camaraderie.


🏝️ Benefits

• Holiday on your birthday + personal leave day.

• Opportunity to access flexible compensation plans (meal card, transport card, childcare).

• Private Health Insurance, Wellhub.

• Significant discounts on various services and training for being an employee of Logicalis (retail, electronics, travel, etc.).

• Training and certifications tailored to your job position.

• Professional development with cutting-edge projects and current technologies in the market.
