Security Analyst

Your responsibilities will cover various aspects of cybersecurity, including threat detection, incident response, and vulnerability management. You will collaborate with cross-functional teams to enhance our security posture and ensure compliance with industry standards.

Responsibilities:

Security Monitoring

• Monitor security events and alerts using our SIEM (Security Information and Event Management) system.
• Investigate and analyze suspicious activities, anomalies, and potential threats.
• Collaborate with the incident response team to address security incidents promptly.

Threat Hunting / Purple Team

• Conduct proactive threat hunting exercises to identify vulnerabilities and potential attack vectors.
• Collaborate with the red team (offensive security) to simulate real-world attacks and assess our defenses.
• Provide actionable insights to improve our security controls based on purple team findings.

Security Incidents

• Respond to security incidents quickly and effectively.
• Coordinate incident handling, containment, eradication, and recovery efforts.
• Document incident details and lessons learned for continuous improvement.

Incident Response

• Develop and maintain incident response playbooks.
• Participate in real-time incident exercises and simulations.
• Work closely with other teams (network, IT security, system administrators, etc.) during incident resolution.

Penetration Testing

• Collaborate with external penetration testers or conduct internal penetration tests.
• Identify vulnerabilities in our systems, applications, and network infrastructure.
• Provide actionable recommendations to remediate identified weaknesses.

Vulnerability Management

• Regularly assess and prioritize vulnerabilities across our environment.
• Coordinate vulnerability scanning and patch management efforts.
• Ensure timely remediation of critical vulnerabilities.

KPI Monitoring / Compliance

• Define and track key performance indicators (KPIs) related to security operations.
• Monitor compliance with security policies, standards, and regulations.
• Generate reports and metrics for management and stakeholders.

Requirements:

• At least 4-5 years of experience in similar roles.
• University degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Relevant certifications (e.g., CISSP, CEH, CompTIA Security+, etc.) are highly desirable.
• Experience with security tools such as SIEM platforms, vulnerability scanners, and penetration testing frameworks.
• Knowledge of industry standards (ISO 27001, NIST, CIS Controls, etc.).
• Strong analytical skills and attention to detail. Proactivity and problem-solving ability.

If you are passionate about cybersecurity, thrive in a dynamic environment, and want to contribute to the security of our global organization, we encourage you to apply!

B. Braun Medical, S.A. U. | Victoria Merodio