QRADAR SIEM/SOAR AUTOMATION ENGINEER - L3 SPECIALIST

Get the future you want with Capgemini💙Who are we?🌍Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 300,000 team members in nearly 50 countries. With its strong 50-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms.We desire to hire QRadar SIEM/SOAR Automation Engineer - L3 Specialist to be part of our team integrated CIS Business Unit.Security Engineers manage SIEM/SOAR systems, configuring rules to detect and respond to security incidents. They collaborate to adapt to evolving threats. In automation, they use SOAR tools to streamline incident response, enhancing efficiency and fortifying defenses against cyber threats.Key responsibilities:Responsible for designing, developing, and implementing SIEM/SOAR solutions. Creates architectures aligned with the cybersecurity strategy, incorporating advanced features.Leads the implementation, integration, and optimization of the QRadar environment, collaborating for efficient deployment and enhancing security posture through automation.Advanced SIEM Configuration: Develop and implement complex configurations within the SIEM system to ensure optimal detection and response capabilities, including correlation rules, filters, and data source integrations.Custom Scripting and Automation: Develop custom scripts or automation workflows to enhance the automation capabilities of the SOAR platform, allowing for more efficient incident response and mitigation.Optimization: Continuously fine-tune and optimize SIEM/SOAR modules to improve their efficacy over time, adapting to changes in the threat landscape and organizational needs.Collaboration with IT and Security Teams: Work closely with IT and other security teams to understand the organization's infrastructure, applications, and network architecture, ensuring effective integration of SIEM/SOAR.Knowledge Sharing and Training: Provide training and guidance to junior team members, sharing expertise in QRadar technology.Policy Development and Compliance: Contribute to the development and enforcement of security policies, ensuring compliance with industry standards and regulations through the effective use of the solution.Required Skills:Scripting and Programming: Knowledge of scripting skills in languages such as Python, PowerShell, or Bash to develop custom scripts for automation, integration, and data manipulation.Networking Protocols and Security: Knowledge understanding of networking protocols, firewall technologies, intrusion detection/prevention systems, and other network security measures.Operating Systems: Knowledge of various operating systems (Windows, Linux, Unix) and the ability to secure and monitor them effectively.Threat Intelligence Integration: Skill in integrating threat intelligence feeds into SIEM/SOAR platforms to enhance the detection of malicious activities.Database Security: Knowledge of database security principles, including the ability to monitor and secure databases within the SIEM/SOAR context.Cloud Security: Familiarity with cloud computing environments (AWS, Azure, GCP) and expertise in securing cloud-based infrastructure and services.Incident Response Tools: Competent use of incident response tools and frameworks to investigate and respond to security incidents effectively.Security Analytics: Competent with advanced analytics and machine learning techniques within SIEM systems to identify and respond to complex security threats.Log Management: Competent in log management, including the collection, storage, and analysis of logs from various sources to identify security events.Continuous Monitoring: Competent to implement continuous monitoring solutions, ensuring real-time visibility into the organization's security posture.Secondary skills (Nice to Have)The candidate is expected to have at least a bachelor's degree in Cybersecurity, Networking, Informatic or a related field.Relevant industry certifications (e.g., CompTIA Security+, CISSP, CEH).CISSP Certification (Certified Information Systems Security Professional).IBM QRadar product certifications.High proficiency in Spanish and English.Why you should join us:🏡Hybrid work: at least 1/2 days in-person at our offices located in the Technology Park of Langreo, Asturias.👩‍💻Participate in cutting-edge and innovative technological projects.☁Career plan and specialized training courses.📄Competitive salary according to candidate’s profile👉Restaurant tickets✔Childcare checks🥗Medical and life insurance🏡Become part of a responsible company committed to equal opportunities.🎯An excellent work environment and team with whom to work side by side.👉Regular team and global events📄Steady job, you'll get a permanent contract from the first day onwards.DIVERSITY & INCLUSION AT CAPGEMINIAt Capgemini, we are committed to diversity and inclusion. Diversity is a source of innovation and inspiration. We are committed to professionals, regardless of ethnicity, gender identity, disability, sexual orientation or any other dimension of diversity.🚀It's time! Come join us, and be part of our growing family