Senior Purple Team Engineer / Lead (Blue Focused)
Tasks
- Align activities to ISO/IEC 27001 and NIS2
- Build Microsoft Sentinel analytics rules
- Conduct threat hunting
- Correlate vulnerabilities with attacker paths
- Design adversary attack scenarios
- Develop and tune SIEM detections
- Identify detection gaps
- Improve Microsoft Defender XDR detections
- Map attack scenarios to MITRE ATT&CK
- Mentor junior analysts
- Optimize SIEM alerts
- Perform DFIR investigations
- Plan and execute purple team exercises
- Prioritize remediation based on exploitability
- Produce executive reporting
- Support incident response escalation
- Tune incident response playbooks
- Validate alert quality and reduce false positives
- Validate detection coverage against TTPs
- Write KQL queries
Perks/Benefits
- Employee referral program
- Health and sports bonus
- Meal cost reimbursements
- Mobile working option
- Private health insurance option
- Tax benefits for commuting
- Tax benefits for kindergarten expenses
- Training and education
Skills/Tech-stack
Atomic Red Team | Azure | Azure AD | Blue Team | Caldera | Cloud apps | Cybersecurity | DFIR | Defender XDR | Defender for Cloud Apps | Defender for Endpoint | Defender for Identity | Defender for Office 365 | Digital forensics | Entra ID | Incident Response | Incident Response Playbooks | KQL | Kubernetes | Linux forensics | MITRE ATT&CK | Microsoft Defender | Microsoft Defender XDR | Microsoft Defender for Cloud | Microsoft Defender for Cloud Apps | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Defender for Office | Microsoft Defender for Office 365 | Microsoft Entra | Microsoft Entra ID | Microsoft Purview | Microsoft Sentinel | Office 365 | Penetration Testing | PowerShell | Purple Teaming | Python | Red team | Response playbooks | SIEM | Social engineering | Threat Intelligence | Threat hunting | Threat modeling | Velociraptor | Windows forensics
Education
Bachelor of Engineering | Bachelor of Science | Master of Science