Security Analyst (Security Operations Team) en Barcelona o en remoto

Hi there!
We are Semrush, a global IT company developing our own product—a platform for digital marketers. New stars are born here, so don’t miss your chance.
This is our Security Analyst role, ideal for those who wish to put their skills into action and contribute to enhancing Semrush's security measures.

Tasks in the role

• Incident Response. Responding to security incidents, investigating and analyzing them, and coordinating with other teams, such as IT, network operations, and management, to ensure a timely and effective response to security incidents.

• Alerts and Playbooks Development. Developing and refining SIEM correlation rules, designing and maintaining playbooks, configuring any necessary exceptions, and documenting all changes and implementations for future reference.

• Threat Analysis & Hunting. Conducting research on emerging threats, vulnerabilities, and security technologies, preparing analytical research and potential risk assessments.

• Vulnerability Management. Work with vulnerability analytics to identify potential vulnerabilities, analyze their impact, and prioritize actions.

• Bug Bounty. Validating the reported vulnerabilities, organizing them according to their severity, managing the mitigation processes, and maintaining communication with those who reported these vulnerabilities.

Who we are looking for

• A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

• A minimum of one year of experience as an L1/L2 SOC Analyst or a similar role focusing on Security/IT operations and incident response. Alternatively, application security experience with a willingness to participate in incident response.

• Understanding of basic security principles, familiar with tactics and techniques used by attackers, main attack vectors, and detection methods (OWASP TOP10, CVE, MITRE ATT&CK).

• Knowledge of essential security measures for web applications, such as setting appropriate cookie security flags to guard against attacks and understanding the Same-Origin Policy to restrict unauthorized interactions. Familiarity with XHR and CORS.

• Basic understanding of common web security threats like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and SQL injection. Ability to identify them in application logs/payloads.

• Familiarity with modern development workflows, understanding terms like repository, library, and pipeline. Knowledge of Git, Ansible, and Docker.

• Basic understanding of log collection and experience in developing correlation rules, preferably in Splunk ES.

They say there are no perfect candidates, but that might well be you, if

• You have experience with vulnerability management, which is greatly advantageous as it boosts your superhero powers to spot and squash potential security threats.

• Having experience in finding and exploiting vulnerabilities through penetration testing or code reviews is like being a detective in a mystery novel, but instead of looking for the murderer, you're looking for the "bug"ger.

• If you've navigated through significant security incidents before, that's a notable achievement! After all, you've already danced with the flames and lived to tell the tale.

• Knowing Python and automation skills is like having a secret decoder ring for machine language. If you want to survive the upcoming AI revolution, you better start speaking their language.

• Since we're on the defense, being familiar with Threat Intelligence (TI) is beneficial. It's like playing hide and seek but knowing all the hiding spots before the game even starts.

• You share our common values: Trust, as we prefer to speak up and be our true selves; Sense of Ownership, as it’s not worth wasting time on something you don’t believe in; and enthusiasm for Constant Change, as we are always looking to make things better.

A bit about the team

You can get to know the team better at one of the interviews, but some brief information about future colleagues will be useful now.

The Security Operations team (SOC) at Semrush is a group of passionate and skilled professionals who believe in the power of collective intelligence and teamwork. We value diversity of thought and backgrounds and encourage our team members to bring their unique perspectives to the table. Curiosity, creativity, and an unending desire to learn are deeply valued. We support each other and work together to solve complex problems and to continually improve our security posture.

As a member of our SOC team, you'll be at the forefront of our cybersecurity efforts, helping us to respond to incidents, develop security measures, and protect our organization from various threats.

We will try to create all the right conditions for you to work and rest comfortably

• It’s up to you to decide what work format works best for you. You can #wfo, #wfh, or mix both.

• Flexible working day start.

• Health insurance coverage.

• Working from a modern coworking space (or working from home).

• Corporate events.

• Unlimited PTO.

• Hobby benefit.

• Training, courses, conferences.

• English and Spanish courses.

• Gifts for employees.

Finally, a little more about our company

We’ve been developing our product for 15 years and have been awarded G2's Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500, and many more. In March 2021, Semrush went public and started trading on the NYSE with the SEMR ticker.

10,000,000+ users in America, Europe, Asia, and Australia have already tried Semrush, and over 1,000 people around the world are working on its development. The Semrush team is constantly growing.

Semrush is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, religion, creed, color, national origin, sex, pregnancy, sexual orientation, gender identity, gender expression, age, ancestry, physical or mental disability, or medical condition, including medical characteristics, genetic identity, marital status, military service, or any other classification protected by applicable local, state or federal laws. All employment decisions are based on business needs, job requirements, merit, and individual qualifications.