Cybersecurity Analyst - DevSecOps

Summary

Join Leadtech's security team as a Cybersecurity Analyst, safeguarding our information systems by identifying and mitigating security threats. You will collaborate with cross-functional teams, conduct penetration testing, and manage security threats using various tools. This role requires expertise in security frameworks, cloud computing, and vulnerability management. Leadtech offers a flexible work environment, comprehensive benefits, and opportunities for growth and development. We prioritize your growth with personalized internal training and an annual budget for external learning opportunities. Enjoy a flexible schedule and the option of working fully remote or from our Barcelona office.

Requirements

• Minimum 4 years of experience in a similar role
• Bachelor's or Master’s degree in Cybersecurity, Information Security, Computer Science, or a related field
• Knowledge of security frameworks such as ISO 27001, NIST, PCI-DSS, OWASP
• Strong understanding of cloud computing, networking, application development, cryptography, and code review, with expertise in AWS
• Knowledge of endpoint security and experience with security tools such as Microsoft Defender, Azure, and Entra
• Ability to evaluate and manage security threats in structured environments
• Strong analytical and problem-solving skills
• Effective communication and collaboration skills with cross-functional teams
• Experience creating and reporting KPIs related to cybersecurity

Responsibilities

• Work with operations and development teams to ensure security requirements are integrated and maintained within the infrastructure and the secure development life cycle
• Assess and mitigate security vulnerabilities across networks, applications, and cloud environments (AWS expertise required)
• Conduct penetration testing to identify attack vectors and security weaknesses
• Monitor, analyze, and manage security threats using endpoint protection tools such as Microsoft Defender, Azure, and Entra
• Perform vulnerability assessments utilizing tools such as SonarQube, AWS Inspector, Qualys, Nessus, and others
• Ensure security best practices for data and system protection are followed
• Collaborate with development teams to review code and improve application security
• Support incident response efforts by investigating and mitigating security incidents
• Track and report cybersecurity metrics and KPIs for the Security Department
• Work with ticketing systems like Jira to manage security-related tasks and incidents
• Implement and maintain security frameworks, including ISO 27001, NIST, PCI-DSS

Preferred Qualifications

• Familiarity with attack and exploitation techniques related to operating systems, applications, and devices (MITTRE, OWASP, CompTIA Security+, CE, etc.)
• Experience with vulnerability scanning tools (SonarQube, AWS Inspector, Qualys, Nessus, etc.)
• Proficiency in programming and scripting languages such as Java and PHP
• Relevant certifications (e.g., CompTIA Security+, CISSP, CEH)
• Google Cloud knowledge

Benefits

• Growth and career development
• Flexible career path with personalized internal training and an annual budget for external learning opportunities
• Work-Life balance
• Flexible schedule with flextime (7 - 9:30 a.m. start, 3:30 - 6 p.m. end) and the option of working full remote or from our Barcelona office
• Free Friday afternoons with a 7-hour workday, plus a 35-hour workweek in July and August
• Competitive salary, full-time permanent contract, and top-tier private health insurance (including dental and psychological services)
• 25 days of vacation plus your birthday off, with flexible vacation options—no blackout days!
• Free coffee, fresh fruit, snacks, a game room, and a rooftop terrace with stunning Mediterranean views
• Ticket restaurant and nursery vouchers, paid directly from your gross salary