Senior Purple Team Engineer / Lead (Blue Focused)
Tasks
- Align activities to ISO IEC 27001 and NIS2
- Build Microsoft Sentinel analytics rules
- Conduct threat hunting
- Correlate vulnerabilities with attacker paths
- Design adversary attack scenarios
- Develop and tune SIEM detections
- Identify detection gaps
- Improve Microsoft Defender XDR detections
- Map attack scenarios to MITRE ATT&CK
- Mentor junior analysts
- Optimize SIEM alerts
- Perform DFIR investigations
- Plan and execute purple team exercises
- Prioritize remediation based on exploitability
- Produce executive reporting
- Support incident response escalation
- Tune incident response playbooks
- Validate alert quality and reduce false positives
- Validate detection coverage against TTPs
- Write KQL queries
Perks/Benefits
- Employee referral program
- Health and sports bonus
- Meal cost reimbursements
- Mobile working option
- Private health insurance option
- Tax benefits for commuting
- Tax benefits for kindergarten expenses
- Training and education
Skills/Tech-stack
Atomic Red Team | Azure | Azure AD | Blue Team | Caldera | Cloud apps | Cybersecurity | DFIR | Defender XDR | Defender for Cloud Apps | Defender for Endpoint | Defender for Identity | Defender for Office 365 | Digital forensics | Entra ID | Incident Response | Incident Response Playbooks | KQL | Kubernetes N/A | Linux forensics | MITRE ATT&CK | Microsoft Defender | Microsoft Defender XDR | Microsoft Defender for Cloud | Microsoft Defender for Cloud Apps | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Defender for Office | Microsoft Defender for Office 365 | Microsoft Entra | Microsoft Entra ID | Microsoft Purview | Microsoft Sentinel | Office 365 | Penetration Testing | Powershell | Purple Teaming | Python | Red team | Response playbooks | SIEM | Social engineering | Threat Intelligence | Threat hunting | Threat modeling | Velociraptor | Windows forensics
Education
Bachelor of Engineering | Bachelor of Science | Master of Science