
SOC Technical Lead – Threat Hunting & Incident Response
Job Description
At Thales S21sec Spain, we are looking for a SOC Technical Lead – Threat Hunting & Incident Response with 4+ years of experience in cybersecurity to join our central services team.
We are seeking a highly motivated professional with strong expertise in cybersecurity infrastructures, capable of supporting and managing complex technological environments across leading security vendors.
Join the Team Defending Thales’ Future At Thales, we don't just respond to threats—we anticipate them. We are looking for a visionary SOC Technical Lead who thrives at the intersection of advanced threat hunting, rapid incident response, and team mentorship. If you are passionate about building resilient security architectures and want to lead a team that is defining the next generation of SOC services, this is your opportunity to make a lasting impact.
Key Responsibilities
- Drive Proactive Defense: You will spearhead our threat hunting strategy, utilizing advanced telemetry and intelligence to uncover sophisticated attacker patterns before they impact our infrastructure.
- Lead Through Crisis: You will be the technical force behind our Incident Response, guiding the team through high-pressure situations, conducting deep-dive forensics, and refining our defense playbook to stay ahead of the adversary.
- Mentor and Innovate: You will elevate the talent around you. Through hands-on mentorship, technical workshops, and collaboration, you will cultivate a culture of continuous improvement and technical excellence.
- Architect the Future: You will partner with our cloud and product teams to integrate security into every stage of the lifecycle. By championing "Security-as-Code" and automation, you will transform how we monitor and protect our global ecosystem.
Requirements
Experience: Minimum 2–5 years of experience in Cybersecurity, with a strong focus on Security Operations, Incident Response, or Threat Hunting.
Demonstrated experience in a technical lead or senior-level advisory role, guiding teams through complex technical challenges.
Proven background in managing security operations within high-scale, distributed environments (Cloud or Hybrid).
Advanced understanding of attacker TTPs (Tactics, Techniques, and Procedures) and the MITRE ATT&CK framework.
Deep expertise in SIEM/SOAR platforms, EDR/XDR tools, and network traffic analysis.
Experience with Cloud security (AWS, Azure, or GCP) and understanding of shared responsibility models.
Experience leading large-scale incident investigations and performing root-cause analysis.
Familiarity with forensic analysis tools and procedures.
Why Join Thales S21sec Spain?
At Thales S21sec, we pride ourselves on being innovative and flexible in how we work. We continuously evolve our policies to ensure a true work-life balance.
100% Flexible Hybrid Work
Work from home or come to the office whenever you choose.
Up to 41 Days Off Per Year
24 vacation days + additional flexible days
Option to enjoy one free Friday per month (12 per year)
Choose between summer reduced hours or extra days of
Flexible Compensation Package
Optimize your net salary with benefits such as meal vouchers, transport cards, childcare vouchers, and training support.
Continuous Learning & Certifications
Access to an annual training plan including technical certifications, languages, and soft skills.
Knowledge Sharing Culture
Participate in our voluntary Speakers Program and share your expertise.
Performance-Based Bonuses
Clear and transparent objectives aligned with KPI-based annual bonuses.
Career Growth Your Way
Choose your path:
Leadership and team management
Deep technical specialization with top experts
💡 Join Us
If you are passionate about cybersecurity and want to make an impact, we are your company.
👉 We’re looking forward to meeting you!
At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!