80 Ofertas de Security Analyst en Barcelona

Job Description

As a Security Analyst in our CDC (Cyber Defense Center) Department, you will play a crucial role in safeguarding our organization’s digital assets. Your responsibilities will span various aspects of cybersecurity, including threat detection, incident response, and vulnerability management. You’ll collaborate with cross-functional teams to enhance our security posture and ensure compliance with industry standards.

Job Description

As a Security Analyst in our CDC (Cyber Defense Center) Department, you will play a crucial role in safeguarding our organization’s digital assets. Your responsibilities will span various aspects of cybersecurity, including threat detection, incident response, and vulnerability management. You’ll collaborate with cross-functional teams to enhance our security posture and ensure compliance with industry standards.

Key Tasks And Responsibilities

Security Monitoring

• Monitor security events and alerts using our SIEM (Security Information and Event Management) system.
• Investigate and analyze suspicious activities, anomalies, and potential threats.
• Collaborate with the incident response team to address security incidents promptly.
  
  

• Respond to security incidents promptly and effectively.
• Coordinate incident handling, containment, eradication, and recovery efforts.
• Document incident details and lessons learned for continuous improvement.
  
  

• Develop and maintain incident response playbooks and procedures.
• Participate in tabletop exercises and real-time incident simulations.
• Work closely with other teams (network, IT-Security, system administrators, etc.) during incident resolution.
  
  

• Conduct proactive threat hunting exercises to identify potential vulnerabilities and attack vectors.
• Collaborate with the red team (offensive security) to simulate real-world attacks and assess our defenses.
• Provide actionable insights to improve our security controls based on purple team findings.
  
  

• Regularly assess and prioritize vulnerabilities across our environment.
• Coordinate vulnerability scanning and patch management efforts.
• Ensure timely remediation of critical vulnerabilities.
  
  

• Collaborate with external penetration testers or conduct internal penetration tests.
• Identify vulnerabilities in our systems, applications, and network infrastructure.
• Provide actionable recommendations to remediate identified weaknesses.
  
  

• Define and track key performance indicators (KPIs) related to security operations.
• Monitor compliance with security policies, standards, and regulations.
• Generate reports and metrics for management and stakeholders.
  

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Relevant certifications (e.g., CISSP, CEH, CompTIA Security+, etc.) are highly desirable.
• Strong analytical skills and attention to detail.
• Experience with security tools, such as EDR, vulnerability scanning, SOAR, mail security, SIEM platforms, vulnerability scanners, and penetration testing frameworks.
• Knowledge of industry standards (ISO 27001, NIST, CIS Controls, etc.)
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Medical Equipment Manufacturing

Referrals increase your chances of interviewing at B. Braun Group by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Security Analyst

Job Description

As a Security Analyst in our CDC (Cyber Defense Center) Department, you will play a crucial role in safeguarding our organization’s digital assets. Your responsibilities will span various aspects of cybersecurity, including threat detection, incident response, and vulnerability management. You’ll collaborate with cross-functional teams to enhance our security posture and ensure compliance with industry standards.

Key Tasks and Responsibilities

Security Monitoring

• Monitor security events and alerts using our SIEM (Security Information and Event Management) system.
• Investigate and analyze suspicious activities, anomalies, and potential threats.
• Collaborate with the incident response team to address security incidents promptly.

Security Incidents

• Respond to security incidents promptly and effectively.
• Coordinate incident handling, containment, eradication, and recovery efforts.
• Document incident details and lessons learned for continuous improvement.
• Develop and maintain incident response playbooks and procedures.
• Participate in tabletop exercises and real-time incident simulations.
• Work closely with other teams (network, IT-Security, system administrators, etc.) during incident resolution.

Threat Hunting / Purple Team

• Conduct proactive threat hunting exercises to identify potential vulnerabilities and attack vectors.
• Collaborate with the red team (offensive security) to simulate real-world attacks and assess our defenses.
• Provide actionable insights to improve our security controls based on purple team findings.

Vulnerability Management

• Regularly assess and prioritize vulnerabilities across our environment.
• Coordinate vulnerability scanning and patch management efforts.
• Ensure timely remediation of critical vulnerabilities.

Penetration Testing

• Collaborate with external penetration testers or conduct internal penetration tests.
• Identify vulnerabilities in our systems, applications, and network infrastructure.
• Provide actionable recommendations to remediate identified weaknesses.

KPI / Compliance Monitoring

• Define and track key performance indicators (KPIs) related to security operations.
• Monitor compliance with security policies, standards, and regulations.
• Generate reports and metrics for management and stakeholders.

Qualifications and Skills

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Relevant certifications (e.g., CISSP, CEH, CompTIA Security+, etc.) are highly desirable.
• Strong analytical skills and attention to detail.
• Experience with security tools, such as EDR, vulnerability scanning, SOAR, mail security, SIEM platforms, vulnerability scanners, and penetration testing frameworks.
• Knowledge of industry standards (ISO 27001, NIST, CIS Controls, etc.)

If you’re passionate about cybersecurity, thrive in a dynamic environment, and want to contribute to our global organization’s safety, we encourage you to apply!

About Us:

At Reverse Tech, we are on a mission to create, launch, and scale digital product brands in the health and wellness space. Our goal is ambitious – we aim to help 10 million people improve their health by 2030 through hyper-targeted, mass-scale brands. We specialize in subscription-based business models and pride ourselves on being results-focused, with no big egos, just big data.

What We Want to Achieve:

Our vision is to discover novel self-serve solutions to the world’s greatest health problems, all while adhering to our core values.

We are looking for a Junior Information Security Analyst to join our Reverse Tech remote team. You will play a crucial role in building and scaling our mobile apps within our health and wellness vertical. You’ll work closely with senior stakeholders across all of Reverse Tech, contributing to our mission of improving lives and changing the world through innovative digital solutions.

About the role:

• Dive into the world of cybersecurity across multiple domains (Software Engineering, Data, IT Support, and DevOps).
• Secure IT infrastructure by building and maintaining secure environments.
• Develop automation scripts for API workflows and essential security processes.
• Analyze security issues using BI Tools (such as Looker, Tableau etc.) and SQL.
• Integrate latest AI/ML tools to identify and mitigate cyber threats.
• Ensure compliance with standards such as GDPR, PCI-DSS, and ISO27001.
• Collaborate with various teams to align security measures with business needs.
• Document procedures clearly, for both technical and business backgrounds.

Skills needed:

• Proficiency in programming (e.g., Python, Java) and basic SQL skills.
• Experience with API scripting for automation and system integration.
• Strong analytical skills for troubleshooting and analyzing security issues
• Excellent communication and collaboration abilities.
• Bachelor’s degree in Computer Science, Cyber Security, or a related field (or equivalent practical experience).

Our Values:

• Care: We support and stand by our team members in any situation, ensuring that no one is left behind.
• Extreme Ownership: We take responsibility not only for tasks under our direct control but for anything that impacts our mission’s success.
• Identification: We take pride in being part of something bigger than ourselves, with the goal of changing the world by helping people get healthier.
• Communication: We value honesty and direct language, fostering a culture free of politics.
• Performance: We believe in providing full freedom while striving for top-notch performance from everyone.
• Trust: We value the words and qualities of our team members, fostering an environment of trust and respect.

What Our Team Members Get:

• 100% remote and flexible work hours
• Top notch equipment (MacBook Pro or PC, you decide)
• Full-time or freelance opportunities
• Learning from the best, including ex-Googlers and more
• Unlimited growth prospects
• Inclusion in a winning team
• Competitive compensation
• A fun, non-corporate atmosphere

If you’re passionate about digital advertising, have a solid experience in cyber security , and are ready to join a dynamic, global team, we encourage you to apply. Help us shape the future of health and wellness through technology.

Learn more about us at and apply today to become a key player in our exciting journey.

*This position is offered as a Remote option, reach out to us to evaluate the options according to your location.

Join to apply for the Senior Security Analyst role at Avanade.

About the role

In this client-facing consultancy role, you will work on projects transforming client Cyber Defense strategies through Microsoft Threat Protection technologies. You will serve both Avanade and Accenture clients, ranging from medium to large enterprises, and become a leader in Cyber Defense.

Skills and Experiences

• Understanding of threat modelling, risk mitigation, and incident response processes.
• Experience with Microsoft platforms (Windows, Microsoft 365, Azure).
• Background in managed security services, incident response, and security advisory.
• Knowledge of threat actor techniques and business, privacy, security, and compliance challenges.
• Interest in obtaining advanced Microsoft certifications (SSCP, CCSP, CSSP).

About You

• Consultative, collaborative, resilient, adaptable, fluent in Spanish and English.

Key Responsibilities

• Design and implement endpoint security solutions, including Anti-Virus and EDR.
• Protect communication platforms from malicious attacks.
• Develop use cases and rules to identify attack chains across systems.
• Design and integrate security incident management solutions, focusing on Azure Sentinel.
• Perform threat hunting across various platforms.

Additional Information

Avanade is a leading provider of digital, cloud, AI, and advisory services across the Microsoft ecosystem, with a global presence and numerous certifications. We offer extensive training, a supportive community, and a commitment to diversity and inclusion.

Join us to grow your career, work on innovative projects, and be part of a diverse team dedicated to transforming cybersecurity.

Join to apply for the Senior Security Analyst role at Avanade.

About the role

In this client-facing consultancy role, you will work on projects transforming client Cyber Defense strategies through Microsoft Threat Protection technologies. You will serve both Avanade and Accenture clients, ranging from medium to large enterprises, and become a leader in Cyber Defense.

Skills and Experiences

• Understanding of threat modelling, risk mitigation, and incident response processes.
• Experience with Microsoft platforms (Windows, Microsoft 365, Azure).
• Background in managed security services, incident response, and security advisory.
• Knowledge of threat actor techniques and business, privacy, security, and compliance challenges.
• Interest in obtaining advanced Microsoft certifications (SSCP, CCSP, CSSP).

About You

• Consultative, collaborative, resilient, adaptable, fluent in Spanish and English.

Key Responsibilities

• Design and implement endpoint security solutions, including Anti-Virus and EDR.
• Protect communication platforms from malicious attacks.
• Develop use cases and rules to identify attack chains across systems.
• Design and integrate security incident management solutions, focusing on Azure Sentinel.
• Perform threat hunting across various platforms.

Additional Information

Avanade is a leading provider of digital, cloud, AI, and advisory services across the Microsoft ecosystem, with a global presence and numerous certifications. We offer extensive training, a supportive community, and a commitment to diversity and inclusion.

Join us to grow your career, work on innovative projects, and be part of a diverse team dedicated to transforming cybersecurity.

We're looking for a Lead Information Security Analyst with deep expertise in Salesforce (SFDC) security to help safeguard our enterprise systems and support secure digital transformation.

Dynatrace exists to make the world’s software work perfectly. Our unified software intelligence platform combines broad and deep observability and continuous runtime application security with the most advanced AIOps to provide answers and intelligent automation from data at an enormous scale. This enables innovators to modernize and automate cloud operations, deliver software faster and more securely, and ensure flawless digital experiences. That is why the world’s largest organizations trust Dynatrace to accelerate digital transformation.

We're an equal opportunity employer and embrace all applicants. Dynatrace wants YOU—your diverse background, talents, values, ideas, and expertise. These qualities are what make our global team stronger and more seasoned. We're fueled by the diversity of our talented employees.

• Represent the Corporate Security team in the selection and implementation of large ERP type packages. Most specifically SFDC but others as well.
• Train and coordinate with systems application owners, data custodians, technical leads, and business impact analysts on security standards, guidelines, and vendor risk management of the systems within the organization and sub organizations.
• Build relationships with Dynatrace Business Systems application teams.
• Create, conduct, and report on security audits and assessments for all systems applications (custom, SaaS and 3rd Party applications).
• Provide guidance and support over the teams and ensure they can meet risk management requirements and industry control frameworks for their systems/applications.
• Contribute to the development and implementation of security policies, procedures, and controls.
• Serve as a bridge between the Dynatrace business units and the Security Risk Management organization to promote and facilitate the adaptation and involvement with the Dynatrace Risk Management Framework

Technical skills:

• Experience with Salesforce (SFDC) implementations and integrations.
• Experience performing secure application configurations of other large ERP type Software packages.
• Knowledge of configuration and integration security (API, etc.) for SaaS solutions
• Understanding Secure Architecture Design (Zero Trust, Threat Modeling)
• Understanding of Application Security (OWASP Top 10)
• Experience in programming languages and technologies used in web development
• Proficiency with AGILE techniques, preferably tools: Atlassian/Jira
• Proficiency in using security assessment tools and techniques
• Understanding of legal and regulatory obligations related to information security.
• Experience working with Governance, Risk and Compliance (GRC) tools (preferred: OneTrust)

Risk Management Skills:

• Identifying potential security vulnerabilities, risks and their potential impact to the organization
• Risk analysis and mitigation of potential vulnerabilities
• Applying risk management frameworks and methodologies
• Performing data classification
• Conducting security risk reviews
• Control framework implementation, such as NIST 800-53, ISO 27001, Fed Ramp and NIST CSF
• Knowledge of penetration tests on web applications and tools.
• Maintaining systems/applications records status for reporting and alerts
• Providing advice and guidance in implementing IT security policies and procedures to reduce risk.
• Stay current with emerging threats, vulnerabilities, and security technologies.

• A one-product software company creating real value for the largest enterprises and millions of end customers globally, striving for a world where software works perfectly.
• Working with the latest technologies and at the forefront of innovation in tech on scale; but also, in other areas like marketing, design, or research.
• A team that thinks outside the box, welcomes unconventional ideas, and pushes boundaries.
• An environment that fosters innovation, enables creative collaboration, and allows you to grow.
• A globally unique and tailor-made career development program recognizing your potential, promoting your strengths, and supporting you in achieving your career goals.
• A truly international mindset with Dynatracers from different countries & cultures all over the world, and English as the corporate language that connects us all
• A culture that is being shaped by the diverse personalities, expertise, and backgrounds of our global team.

OFERTA DE EMPLEO: Security Analyst - Detection Engineering Specialist

COMPAÑÍA: INCIDE

UBICACIÓN: Barcelona / Teletrabajo

FECHA OFERTA : 25/08/2025

NÚMERO DE PUESTOS: 1

RANGO SALARIAL: 28k-38k (en función de experiencia y capacidad)

SOBRE INCIDE

En INCIDE , llevamos desde 2005 protegiendo organizaciones con soluciones avanzadas de ciberseguridad. Somos referentes en respuesta a incidentes , análisis forense digital , servicios gestionados , inteligencia de amenazas y proyectos ofensivos (Red & Purple Team) .

Nuestro equipo técnico está formado por profesionales altamente cualificados, con experiencia real en entornos complejos y críticos. Trabajamos con tecnología puntera, metodologías ágiles, automatización y un enfoque colaborativo que potencia el crecimiento técnico y profesional.

Con presencia internacional y en plena expansión, en INCIDE apostamos por el talento, la formación continua y el desarrollo de carrera. Aquí no solo consumirás inteligencia: la generarás y aplicarás en detecciones efectivas . Trabajarás en un equipo multidisciplinar, transformando los hallazgos de proyectos ofensivos reales en reglas de detección.

Como parte de nuestro servicio de Detection Engineering y MDR-Extended , buscamos perfiles con experiencia en creación de reglas (EDR/XDR/SIEM), detección basada en comportamiento y análisis de TTPs. Si te apasiona diseñar detecciones que marquen la diferencia, en INCIDE te estamos buscando .

FUNCIONES Y RESPONSABILIDADES:

Como Detection Engineer , tendrás un papel clave en fortalecer la seguridad de nuestros clientes. Pondrás en práctica tu conocimiento sobre técnicas y tácticas adversariales para diseñar y desarrollar reglas de detección avanzadas que permitan identificar y responder eficazmente a amenazas de seguridad. Tus responsabilidades serán las siguientes:

• Diseñar, desarrollar y afinar reglas de detección en plataformas como SIEM, EDR y XDR, mejorando así las capacidades de detección y respuesta ante incidentes.
• Analizar resultados de simulaciones de atacantes para detectar deficiencias en los controles de seguridad.
• Elaborar estrategias de detección y mitigación de amenazas.
• Automatizar y optimizar procesos mediante la creación de herramientas y scripts que agilicen tanto la evaluación de seguridad como la generación de informes.

REQUISITOS

• Grado en Ingeniería o campo relacionado en Ciberseguridad o experiencia profesional equivalente demostrable.
• 1 ó 2 años de experiencia en una o más de las siguientes funciones:
• Analista de SOC o Ingeniero de detección con experiencia en la creación y/o optimización de alertas en plataformas SIEM y/o EDR, concretamente con conocimiento en lenguaje CrowdStrike Query Language (CQL) y Kusto Query Language (KQL) de Microsoft.
• Profundo conocimiento de logs, telemetría y eventos de Windows , con especialización en la identificación y análisis de tácticas y técnicas adversariales para la detección proactiva de amenazas.
• Sólida comprensión de tácticas, técnicas y procedimientos (TTPs) de adversarios basados en MITRE ATT&CK.
• Experiencia en plataformas SIEM y EDR como CrowdStrike, Microsoft Sentinel, Cortex, Splunk, Elastic ELK, LogRhythm, QRadar, Chronicle o Wazuh, entre otras.
• Habilidades en scripting (Bash, Python, PowerShell) para automatizar tareas y desarrollar herramientas.
• Conocimientos en administración de sistemas Windows y UNIX/Linux.
• Conocimiento sólido de redes y protocolos de comunicación, incluyendo TCP/IP, DHCP, DNS, y otros protocolos fundamentales.
• Mentalidad Purple : Capacidad para pensar como un adversario (Red Team) y, a la vez, mejorar la defensa (Blue Team).
• Capacidad para comunicarse en inglés de manera clara y efectiva en entornos técnicos y con equipos internacionales.
• Habilidades analíticas, organizativas y creativas , con atención al detalle, capacidad para detectar anomalías y resolver problemas complejos.
• Se valorará formación especializada como certificaciones y Máster en el ámbito de la ciberseguridad.

QUÉ OFRECEMOS

• Formar parte de un equipo internacional, joven y dinámico y en un excelente ambiente de trabajo .
• Colaboración estrecha con el Red Team y el Blue Team para estar al día de ataques reales y las técnicas adversariales más novedosas, así como tener al alcance distintas tecnologías de detección como EDR, SIEMs, ciberinteligencia u otras herramientas de seguridad.
• Formación continua tanto interna como externa, para mantenerte siempre actualizado (certificaciones y asistencia a congresos anuales).
• Plan de carrera profesional personalizado , diseñado en función de tus intereses y evolución, asegurando tu crecimiento dentro de la empresa.
• Flexibilidad para teletrabajo o acceso a cómodas oficinas en una ubicación céntrica en Barcelona.
• Facilidades para la conciliación laboral y personal.
• Jornada intensiva en verano.
• Plan de Retribución Flexible , que incluye beneficios a través de tarjeta de restaurante, transporte, guardería y formación.
• Mutua de salud.

OFERTA DE EMPLEO: Security Analyst - Detection Engineering Specialist

COMPAÑÍA: INCIDE

UBICACIÓN: Barcelona / Teletrabajo

FECHA OFERTA : 25/08/2025

NÚMERO DE PUESTOS: 1

RANGO SALARIAL: 28k-38k (en función de experiencia y capacidad)

SOBRE INCIDE

En INCIDE , llevamos desde 2005 protegiendo organizaciones con soluciones avanzadas de ciberseguridad. Somos referentes en respuesta a incidentes , análisis forense digital , servicios gestionados , inteligencia de amenazas y proyectos ofensivos (Red & Purple Team) .

Nuestro equipo técnico está formado por profesionales altamente cualificados, con experiencia real en entornos complejos y críticos. Trabajamos con tecnología puntera, metodologías ágiles, automatización y un enfoque colaborativo que potencia el crecimiento técnico y profesional.

Con presencia internacional y en plena expansión, en INCIDE apostamos por el talento, la formación continua y el desarrollo de carrera. Aquí no solo consumirás inteligencia: la generarás y aplicarás en detecciones efectivas . Trabajarás en un equipo multidisciplinar, transformando los hallazgos de proyectos ofensivos reales en reglas de detección.

Como parte de nuestro servicio de Detection Engineering y MDR-Extended, buscamos perfiles con experiencia en creación de reglas (EDR/XDR/SIEM), detección basada en comportamiento y análisis de TTPs. Si te apasiona diseñar detecciones que marquen la diferencia, en INCIDE te estamos buscando .

FUNCIONES Y RESPONSABILIDADES:

Como Detection Engineer, tendrás un papel clave en fortalecer la seguridad de nuestros clientes. Pondrás en práctica tu conocimiento sobre técnicas y tácticas adversariales para diseñar y desarrollar reglas de detección avanzadas que permitan identificar y responder eficazmente a amenazas de seguridad. Tus responsabilidades serán las siguientes:

• Diseñar, desarrollar y afinar reglas de detección en plataformas como SIEM, EDR y XDR, mejorando así las capacidades de detección y respuesta ante incidentes.
• Analizar resultados de simulaciones de atacantes para detectar deficiencias en los controles de seguridad.
• Elaborar estrategias de detección y mitigación de amenazas.
• Automatizar y optimizar procesos mediante la creación de herramientas y scripts que agilicen tanto la evaluación de seguridad como la generación de informes.

REQUISITOS

• Grado en Ingeniería o campo relacionado en Ciberseguridad o experiencia profesional equivalente demostrable.
• 1 ó 2 años de experiencia en una o más de las siguientes funciones:
• Analista de SOC o Ingeniero de detección con experiencia en la creación y/o optimización de alertas en plataformas SIEM y/o EDR, concretamente con conocimiento en lenguaje CrowdStrike Query Language (CQL) y Kusto Query Language (KQL) de Microsoft.
• Profundo conocimiento de logs, telemetría y eventos de Windows , con especialización en la identificación y análisis de tácticas y técnicas adversariales para la detección proactiva de amenazas.
• Sólida comprensión de tácticas, técnicas y procedimientos (TTPs) de adversarios basados en MITRE ATT&CK.
• Experiencia en plataformas SIEM y EDR como CrowdStrike, Microsoft Sentinel, Cortex, Splunk, Elastic ELK, LogRhythm, QRadar, Chronicle o Wazuh, entre otras.
• Habilidades en scripting (Bash, Python, PowerShell) para automatizar tareas y desarrollar herramientas.
• Conocimientos en administración de sistemas Windows y UNIX/Linux.
• Conocimiento sólido de redes y protocolos de comunicación, incluyendo TCP/IP, DHCP, DNS, y otros protocolos fundamentales.
• Mentalidad Purple : Capacidad para pensar como un adversario (Red Team) y, a la vez, mejorar la defensa (Blue Team).
• Capacidad para comunicarse en inglés de manera clara y efectiva en entornos técnicos y con equipos internacionales.
• Habilidades analíticas, organizativas y creativas , con atención al detalle, capacidad para detectar anomalías y resolver problemas complejos.
• Se valorará formación especializada como certificaciones y Máster en el ámbito de la ciberseguridad.

QUÉ OFRECEMOS

• Formar parte de un equipo internacional, joven y dinámico y en un excelente ambiente de trabajo .
• Colaboración estrecha con el Red Team y el Blue Team para estar al día de ataques reales y las técnicas adversariales más novedosas, así como tener al alcance distintas tecnologías de detección como EDR, SIEMs, ciberinteligencia u otras herramientas de seguridad.
• Formación continua tanto interna como externa, para mantenerte siempre actualizado (certificaciones y asistencia a congresos anuales).
• Plan de carrera profesional personalizado , diseñado en función de tus intereses y evolución, asegurando tu crecimiento dentro de la empresa.
• Flexibilidad para teletrabajo o acceso a cómodas oficinas en una ubicación céntrica en Barcelona.
• Facilidades para la conciliación laboral y personal.
• Jornada intensiva en verano.
• Plan de Retribución Flexible , que incluye beneficios a través de tarjeta de restaurante, transporte, guardería y formación.
• Mutua de salud.