Threat Hunting Analyst

Mission

With the growth of the digital channels, cyberattacks are becoming more and more structured and sophisticated. In order to keep pace with the changing and fast-moving advanced threat landscape, it is necessary to create advanced detection mechanisms.

Responsibilities

  • Understanding of internal and external Threat Scenarios, how to identify these threats within the Santander Group and which threats to focus on based on a Risk vs Impact analysis
  • Identify TTPs (Tactics, Techniques and Procedures) used by attackers and create new hypotheses for hunting activities
  • Identify unknown cyber threats within the Santander Group using search techniques on data lakes
  • Creating and reviewing use cases to feed the SOC (Security Operations Centre)
  • Identify improvements on Security Platforms
  • Carrying out tests on Security alerts
  • Recommending changes to security alerts in the SIEM
  • Improving processes such as Threat Hunting, use-case development and threat modeling
  • Liaising with local security teams across different countries to identify new threats and to create detection mechanisms for them
  • Assure the quality of junior colleagues' work
  • Report important events to the relevant parties

Requirements

Education
Information Technology, Computer Science, Computer Engineering, Network Technology or similar.

Competencies

  • Knowledge of network data analysis
  • Security platforms (IPS, IDS, EDR, AV, WAF, etc.)
  • Strong knowledge of network communication protocols (TCP/IP stack, SMTP, SMB, HTTP, etc.)
  • Excellent knowledge of the main attack vectors and methods (DDoS, sniffing, phishing, Trojans, privilege escalation, etc.)
  • Programming and scripting skills (Python, VBS, JavaScript, PowerShell, etc.)
  • Skills in vulnerability and risk analysis

Languages
High level of English

Experience

  • 3+ years of experience in Information Technology and cybersecurity
  • Experience with Security platforms (IPS, IDS, EDR, AV, WAF, etc.)
  • Experience in Security Incident Response