Madrid, M, ES

Lead Security Analyst (Hybrid setup)

Join a team of cybersecurity professionals and help Swiss Re to fulfil its mission in making the world more resilient. As a Lead Cybersecurity Analyst, you'll be monitoring current threats by analysing and handling major cyber incidents, implementing standards, and mentoring less experienced analysts. What's more, you'll be working in a hybrid setup, balancing work from home and the office premises.

About the team

Cyber Defence team is responsible for keeping the company safe – by going above and beyond in terms of preciseness and diligence. As part of the Security Team, Cyber Defence is responsible for maintaining security operations, focused on delivering high-quality detection monitoring and response solutions. We're looking for an experienced cybersecurity leader who'll use their creative thinking to manage the production of detection content, investigation of incidents, and help us to improve our incident response techniques.


In your role, you will…


  • Proactively identify and respond to cyber threats
  • Implement and ensure appropriate standards
  • Mentor team members
  • Craft detection content
  • Prioritise triage events
  • Improve existing detection content and playbooks
  • Ensure in-time incident response
  • Perform on-duty/ on- call support
  • Handle major security incidents
  • Understand the environment and applications
  • Analyse and document incidents

About you

Nobody is perfect and meets 100% of our requirements. If you, however, meet some of the criteria below and are curious about the world of threat analysis and detection, we'll be more than happy to meet you!


  • 5+ years or work experience in cyber security as an analyst or incident responder (in a SOC/CSIRT setup, preferably)
  • In-depth knowledge of current threat landscape, offensive tooling, and OWASP and MITRE ATT&CK® techniques
  • Technical writing skills to present complex topics to non-technical audiences
  • Excellent oral and written communication skills (English)
  • Malware and exploit analysis (or reverse engineering)
  • This position may require participation in on-call rotations to address urgent matters outside of regular working hours.

Your additional experience should include

  • Developing hypothesis-driven threat hunts
  • Analysing various events, including but not limited to web traffic, underlying network protocols, malware, lateral movement TTPs (techniques, tactics, and procedures), or Microsoft and Linux security events
  • Logfile correlation and analysis
  • System and memory analysis
  • Chain of custody and forensic acquisitions
  • Major incident response or breach investigation management


  • Experience developing in Python, Kusto, or any other scripting language
  • Experience with Azure or Amazon AWS




About Swiss Re


Swiss Re is one of the world’s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, working to make the world more resilient. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change to cybercrime. Combining experience with creative thinking and cutting-edge expertise, we create new opportunities and solutions for our clients. This is possible thanks to the collaboration of more than 14,000 employees across the world.

Our success depends on our ability to build an inclusive culture encouraging fresh perspectives and innovative thinking. We embrace a workplace where everyone has equal opportunities to thrive and develop professionally regardless of their age, gender, race, ethnicity, gender identity and/or expression, sexual orientation, physical or mental ability, skillset, thought or other characteristics. In our inclusive and flexible environment everyone can bring their authentic selves to work and their passion for sustainability.



Reference Code: 126564