Simulation & Detection Engineer

Technology
Hack in Hire
Zaragoza, Spain · 1 month ago · Until 5/4/2026

Job description

We’re hiring: Simulation & Detection Engineer (BAS / SIEM / EDR / XDR)

Hack in Hire is recruiting for a cybersecurity consulting and services company (Barcelona-based, international scope) that has been protecting organizations for years across incident response, digital forensics, managed services, threat intelligence, and Red & Purple Team engagements. The team is growing its Security Control Validation + Detection Engineering capability and is looking for someone who enjoys turning realistic adversary simulations into high-signal detections and clear improvement plans for customers.

About the role

Submit your application after reading the following skill and qualification requirements for this position.

As a Simulation & Detection Engineer, you’ll combine offensive and defensive thinking to evaluate and improve customer security controls. You’ll operate and refine Breach & Attack Simulation (BAS) tooling, design attack scenarios mapped to MITRE ATT&CK, analyze simulation outcomes, and translate gaps into detection rules, mitigations, and actionable reporting for technical and executive stakeholders.

What you’ll do

  • Operate, tune, and administer BAS / attack simulation tools to validate security controls in realistic scenarios
  • Select and replicate adversary tactics and techniques aligned with MITRE ATT&CK
  • Analyze simulation results to identify detection/control gaps and improvement opportunities
  • Define threat detection and mitigation strategies based on findings
  • Design, develop, and fine-tune detection rules across SIEM / EDR / XDR platforms
  • Configure and manage lab environments to execute attack simulations safely and repeatably
  • Automate evaluation and reporting workflows by building scripts/tools (e.g., Python, PowerShell, Bash)
  • Produce technical and executive reports communicating risks, evidence, and recommendations clearly to customers

What we’re looking for

  • Bachelor’s degree in Engineering / Cybersecurity (or equivalent proven professional experience)
  • 2–3 years of experience in one or more of the following:
      • Adversary simulation / BAS platforms (e.g., AttackIQ, Caldera, Cymulate, Pentera, SafeBreach, or similar)
      • Detection engineering / SOC work creating and optimizing alerts in SIEM and/or EDR
  • Strong understanding of Windows telemetry/logs and events for proactive detection
  • Solid grasp of adversary TTPs mapped to MITRE ATT&CK
  • Experience with SIEM/EDR tools such as CrowdStrike, Cortex, Splunk, Elastic (ELK), LogRhythm, Microsoft Sentinel, QRadar, Chronicle, Wazuh (or comparable)
  • Scripting skills (Bash, Python, PowerShell) for automation and tooling
  • Systems administration knowledge across Windows and UNIX/Linux
  • Solid networking fundamentals (TCP/IP, DHCP, DNS, core protocols)
  • “Purple mindset”: think like an adversary while strengthening defenses
  • Ability to communicate clearly in English in technical and international environments
  • Certifications and/or a Master’s degree in cybersecurity are a plus

What’s offered

  • Salary range: €28k–€38k (depending on experience and capability)
  • Barcelona or remote (telework) flexibility, with access to comfortable offices
  • Join an international, young, dynamic team with a great working environment
  • Close collaboration with Red Team and Blue Team, with exposure to multiple detection technologies and real-world scenarios
  • Continuous training (internal + external), including certifications and annual conference attendance
  • Personalized career development plan aligned with your growth
  • Work-life balance support + summer intensive schedule
  • Flexible compensation plan (meals, transport, childcare, training)
  • Private health insurance

Interested? Apply via LinkedIn or submit your CV via .