Insider Threat Analyst

Mission

Develop and deliver detection and response mechanisms to improve Santander’s readiness against cybersecurity threats originating within the company (including providers), and reduce the incident lifecycle times by supporting the automation of post-incident analysis tasks.

Functions

  • Define and code alerts on SIEM platforms to detect insider threat activity and breaches.
  • Understand and automate digital forensic analysis steps via scripting.
  • Support Forensic/eDiscovery cases that require data normalization, analysis and visualization.
  • Test, evaluate and deploy cybersecurity tools (e.g. User Behavior Analytics mechanisms).
  • Leverage data analytics modules of forensics/e-discovery tools.
  • Undertake insider threat investigations, following a structured approach to digital investigations that respects chain of custody, working in partnership with colleagues in Legal and Corporate Security and Intelligence, amongst others.

Requirements

Education
Technical degree in computer science, engineering or similar.

Languages
English (advanced)

Experience

  • 3 years' experience in cybersecurity departments is desired, preferably on incident response, forensics, insider threat investigation, monitoring or big data teams.
  • Scripting and API integration (e.g. Python, PowerShell).
  • Strong analytical skills: data normalization, processing and presentation (regex, SQL, pivot tables, dashboards).
  • Experience with SIEM or data-analytics platforms (e.g. Splunk, ELK, Spark) or with forensic analysis tools is a plus.