• Monitor security tools and platforms for suspicious activity and potential threats. • Investigate and triage alerts, respond to incidents, and document findings, root cause, and remediation actions. • Serve as the primary operational interface between customers, MDR providers, and internal teams for security events and escalations. • Coordinate incident response activities across MDR partners and internal teams. • Communicate security incidents, risks, and remediation status to customers. • Participate in incident reviews, RCA discussions, and customer meetings. • Ensure MDR services align with customer SLAs and contractual requirements. • Escalate critical risks and ensure timely resolution across stakeholders. • Perform vulnerability assessments and coordinate remediation activities across environments. • Identify and prioritize risks and recommend mitigation strategies to internal leadership and customers. • Maintain and tune security tools including SIEM, EDR, firewalls, and intrusion detection/prevention systems. • Analyze logs and telemetry to identify threats and improve detection capabilities. • Develop and maintain security operations processes, SOPs, and incident response runbooks to support consistent and scalable service delivery. • Create repeatable workflows for incident detection, escalation, and remediation. • Continuously refine playbooks based on lessons learned and threat intelligence. • Support onboarding of new customers by defining operational procedures. • Partner with Help Desk and Infrastructure teams to build security awareness and operational readiness. • Deliver training on security tools, processes, and escalation procedures. • Enable teams to identify, triage, and escalate security events appropriately. • Provide ongoing guidance to improve cross-team collaboration and response effectiveness. • Support development and enforcement of security policies, standards, and procedures. • Participate in audits and maintain documentation aligned to frameworks such as ISO 27001, NIST, SOC 2, and CMMC. • Stay current with emerging threats, vulnerabilities, and industry trends. • Recommend and implement improvements to strengthen security posture across internal and customer environments.

Role Description You will be more specifically in charge of: - Providing (tier 2 and 3) support to our customers, be part of our threat research team, collaborate with threat researchers and data scientists to challenge our detection engine on a daily basis. - Analyzing huge web traffic data sets (across more than 100 billion documents) to identify and block malicious traffic. - Contributing to support by analyzing past attacks to strengthen our detection. - Collaborating with threat researchers to challenge and optimize DataDome real-time detection engine capabilities. - Creating automates/scripts to detect outliers in our global traffic. - Identifying potential attacks and adding new alerts to our detection platform. Qualifications - Bachelors Degree Required in a relevant field. - At least 2 years in similar experience. - Familiar with at least one scripting language (preferably Python) to automate analysis and detection tasks. - Have a real passion for data, security and automated attacks mitigation. - Have expertise on network or web infrastructure (HTML, HTTP, CDN, DNS, IPv4/IPv6, cookies). - Master at least one Database language: MySQL/NoSQL/ElasticSearch. Requirements - Bonus points if you implement bots during your spare time. - Experience using Kibana is a plus. Benefits - Flex Life: While we offer remote, each position specifies the level of flexibility. You will also receive a 500€ stipend to help you set up your ideal workspace if you work hybrid or remotely. - Generous Health Benefits: We have partnered with Kenko for your healthcare needs. - Professional Development: #Weaimhigh is part of our DNA, therefore we have invested in an internal Learning and Development platform and offer the opportunity to request additional training and support via your manager. - Events & Team building: #We care and we have fun! We organize Annual Company-Offsite, Events, Drinks, Winter Party, Lunch & Learns and much more as part of our Culture. - Parent Care: Gift & care packages for parents. - PTO: Based on the country you are based from (e.g. 20 days in Costa Rica/5 days sick leave). Company Description DataDome delivers real-time bot and agent trust management, giving businesses complete visibility and control over all traffic—human, bot, or AI. Named a Leader in The Forrester Wave™ for Bot Management, DataDome is trusted by enterprises like Etsy, PayPal, and Soundcloud. Acting as a traffic control plane, DataDome's multi-layered AI engine leverages thousands of models and 5 trillion signals daily to analyze intent and stop fraud in under 2 milliseconds—letting legitimate users through seamlessly across websites, apps, APIs, and MCPs. Backed by a 24/7 SOC and expert threat researchers, DataDome stops 20k+ attacks every second. With 30+ global PoPs, and 50+ ready-made integrations, DataDome is a recognized Leader on G2 across several categories—delivering protection that outperforms.

• Operate and maintain proactive security capabilities across client environments. • Monitor and validate security signals while continuously improving security configurations and detection capabilities. • Perform Security-as-a-Service operations, including reporting on security posture and security tool health. • Enhance detection quality through SIEM tuning, alert optimization, dashboard improvements, and correlation rule refinement. • Conduct advanced Windows and Microsoft 365 log analysis to identify suspicious activity, security gaps, and potential indicators of compromise. • Implement and support security hardening initiatives across endpoints, servers, cloud environments, and identity platforms. • Manage and support security awareness training programs and phishing simulation initiatives. • Ensure security tools and operational processes align with established security standards and service requirements. • Evaluate emerging security technologies and provide recommendations for adoption and standardization. • Support AI-driven security and automation initiatives by validating outputs and optimizing repeatable workflows. • Serve as a senior technical escalation point for complex security-related issues. • Collaborate with infrastructure, cloud, and operations teams to improve security processes and standards. • Communicate security risks, findings, and recommendations clearly to both technical and non-technical stakeholders. • Participate in compliance-related discussions, evidence collection, and security assessments. • Assist with CMMC, SOC, and other security compliance initiatives as needed. • Perform additional duties as assigned.

Role Description As a Cybersecurity Analyst, you are expected to have a strong technical background in security operations, threat detection, and incident response. This role is responsible for protecting both internal and customer environments while serving as a key operational interface with Managed Detection and Response (MDR) partners. You will contribute to the maturity and scalability of security operations by building processes, developing runbooks, and enabling internal teams to consistently and effectively respond to security events. Key Responsibilities - Threat Monitoring and Incident Response: - Monitor security tools and platforms for suspicious activity and potential threats. - Investigate and triage alerts, respond to incidents, and document findings, root cause, and remediation actions. - MDR Customer and Partner Interface: - Serve as the primary operational interface between customers, MDR providers, and internal teams for security events and escalations. - Coordinate incident response activities across MDR partners and internal teams. - Communicate security incidents, risks, and remediation status to customers. - Participate in incident reviews, RCA discussions, and customer meetings. - Ensure MDR services align with customer SLAs and contractual requirements. - Escalate critical risks and ensure timely resolution across stakeholders. - Vulnerability and Risk Management: - Perform vulnerability assessments and coordinate remediation activities across environments. - Identify and prioritize risks and recommend mitigation strategies to internal leadership and customers. - Security Operations and Tooling: - Maintain and tune security tools including SIEM, EDR, firewalls, and intrusion detection/prevention systems. - Analyze logs and telemetry to identify threats and improve detection capabilities. - Process Development and Runbooks: - Develop and maintain security operations processes, SOPs, and incident response runbooks to support consistent and scalable service delivery. - Create repeatable workflows for incident detection, escalation, and remediation. - Continuously refine playbooks based on lessons learned and threat intelligence. - Support onboarding of new customers by defining operational procedures. - Training and Enablement (Help Desk & Infrastructure): - Partner with Help Desk and Infrastructure teams to build security awareness and operational readiness. - Deliver training on security tools, processes, and escalation procedures. - Enable teams to identify, triage, and escalate security events appropriately. - Provide ongoing guidance to improve cross-team collaboration and response effectiveness. - Governance, Compliance, and Documentation: - Support development and enforcement of security policies, standards, and procedures. - Participate in audits and maintain documentation aligned to frameworks such as ISO 27001, NIST, SOC 2, and CMMC. - Continuous Improvement: - Stay current with emerging threats, vulnerabilities, and industry trends. - Recommend and implement improvements to strengthen security posture across internal and customer environments. Qualifications - 2+ years of experience in cybersecurity, SOC operations, or managed security services. - Experience working with MDR providers or managed security environments. - Strong understanding of incident response processes and threat detection. - Experience developing documentation, runbooks, or operational processes. - Ability to communicate technical security issues to both technical and non-technical audiences. - Experience with Microsoft Security tools, CrowdStrike, Palo Alto, SentinelOne. - Strong analytical, problem-solving, and organizational skills. - Ability to manage multiple priorities and respond effectively under pressure. Preferred Certifications - CompTIA Security+ - CompTIA CySA+ - Certified Ethical Hacker (CEH) - GIAC (GSEC, GCIH) - Microsoft Security Certifications (preferred) Physical Demands - Sit at a computer for 8 hours per day. - Keyboarding for 8 hours per day. - Near Vision (working with small objects or reading small print). - Speaking (communicating information to clients/coworkers). - Hearing Requirements (In person speech, telephone, other sounds). Benefits - Medical, dental, and vision benefits with highly subsidized premiums. - Two weeks paid time off in your first year, with increasing PTO as tenure increases, and most major holidays off. - 401(k) Plan with employer match. - Onsite Fitness Center. - Onsite Monthly Massages.