
SOC Analyst (L1/L2) - Incident Response — 100% Remote (Spain)

Work from home Full-time role Hiring

Since 2011, SQUAD Group has been a key player in the cybersecurity landscape. We partner with leading organizations to protect their information systems through a comprehensive 360° offering of consulting, integration, expertise, and managed services.

Do you have what it takes to succeed? The following information should be read carefully by all candidates.

Our mission: Securing Together! We believe in a collaborative approach to cybersecurity, where experts and clients work hand-in-hand to anticipate threats and protect critical infrastructure.

As part of our growing team, we're seeking a SOC Analyst to join a top-tier Incident Response team, defending the digital assets of a company that connects hundreds of millions of people every month. The position is fully remote within Spain.

Your Role

You are a hands-on incident responder. From the moment an alert fires to final resolution, you investigate, contain, and document security incidents with rigor and autonomy. Phishing and email-based attacks make up a significant share of the workload, so a sharp eye for email analysis is essential.

Your Responsibilities

  • Investigate and respond to security incidents across their entire lifecycle, from detection and triage through containment, root cause analysis, and closure.
  • Analyze suspicious emails and phishing campaigns, leveraging header analysis and authentication standards (SPF, DKIM, DMARC).
  • Respond to a variety of alert types, including malicious URLs and compromised domains.
  • Apply and contribute to incident response playbooks, bringing analytical judgment to every investigation.
  • Build and run XQL queries in the Palo Alto Cortex platform to support and accelerate investigations.
  • Produce clear, structured incident documentation and escalate appropriately.

What You Bring

  • 1–3 years of hands-on SOC experience with strong operational fundamentals.
  • A solid grasp of incident triage and investigation methodology — you understand why an alert fired, not just how to close it.
  • Practical experience analyzing phishing and email-borne threats.
  • Familiarity with Palo Alto Cortex (XSIAM/XDR) and XQL is a strong asset; Microsoft Sentinel/KQL experience is also welcome.
  • A rigorous, transparent approach to investigation — you verify before concluding.
  • Genuine motivation to build a career in Incident Response.

Preferred Certifications: BTL1/BTL2, GIAC GCIH, Palo Alto Networks Cortex XDR/XSIAM certifications, Microsoft SC-200

Why Join Squad?

  • Personalized Growth: We help you build a training and certification plan aligned with your professional goals through our SquadeXpérience.
  • Expertise Development: Participate in internal events like our MixYourTalent webinars and monthly CTF sessions.
  • Visibility: Attend major industry conferences and contribute to our #TheExpert technical blog.
  • Culture: Enjoy a dynamic and close-knit environment with after-work events and team gatherings that foster great camaraderie.

Remote/work-from-home options are available for this position.
