Senior Purple Team Engineer / Lead (Blue Focused)
Tasks
- Align activities to ISO IEC 27001 and NIS2
- Build Microsoft Sentinel analytics rules
- Conduct threat hunting
- Correlate vulnerabilities with attacker paths
- Design adversary attack scenarios
- Develop and tune SIEM detections
- Identify detection gaps
- Improve Microsoft Defender XDR detections
- Map attack scenarios to MITRE ATT&CK
- Mentor junior analysts
- Optimize SIEM alerts
- Perform DFIR investigations
- Plan and execute purple team exercises
- Prioritize remediation based on exploitability
- Produce executive reporting
- Support incident response escalation
- Tune incident response playbooks
- Validate alert quality and reduce false positives
- Validate detection coverage against TTPs
- Write KQL queries
Perks/Benefits
- Employee referral program
- Health and sports bonus
- Meal cost reimbursements
- Mobile working option
- Private health insurance option
- Tax benefits for commuting
- Tax benefits for kindergarten expenses
- Training and education
Skills/Tech-stack
Atomic Red Team | Azure | Azure AD | Blue Team | Caldera | Cloud apps | Cybersecurity | DFIR | Defender XDR | Defender for Cloud Apps | Defender for Endpoint | Defender for Identity | Defender for Office 365 | Digital forensics | Entra ID | Incident Response | Incident Response Playbooks | KQL | Kubernetes N/A | Linux forensics | MITRE ATT&CK | Microsoft Defender | Microsoft Defender XDR | Microsoft Defender for Cloud | Microsoft Defender for Cloud Apps | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Defender for Office | Microsoft Defender for Office 365 | Microsoft Entra | Microsoft Entra ID | Microsoft Purview | Microsoft Sentinel | Office 365 | Penetration Testing | PowerShell | Purple Teaming | Python | Red team | Response playbooks | SIEM | Social engineering | Threat Intelligence | Threat hunting | Threat modeling | Velociraptor | Windows forensics
Education
Bachelor of Engineering | Bachelor of Science | Master of Science