Security Operations Engineer at Gridware enhancing security, detection, and response in cloud - first environments. Collaborating with IT and engineering teams to implement best practices.
About the role
- Senior SOC Specialist responsible for Security Operations Center infrastructure and optimization at Liebherr. Collaborating with teams to improve response capabilities and document processes.
Responsibilities
- Use Case Development: Design and test new security use cases to enhance the detection and response capabilities of Liebherr’s SIEM system
- Log Source Onboarding: Onboard and integrate various log sources into the SIEM system, ensuring comprehensive visibility across the organization’s IT environment
- SOAR Playbook Implementation: Design, implement, and maintain SOAR playbooks to automate incident response processes and improve operational efficiency
- System Optimization: Continuously evaluate and optimize the performance of the SIEM and SOAR systems to ensure they meet the evolving security needs of the organization. Also optimize costs in regards to Log sources and their retention
- Threat Detection Engineering: Design and implement advanced detection techniques and perform threat hunting as well as lead tuning exercises and detection gap analysis
- Collaboration: Work closely with the SOC team and other IT departments to ensure seamless integration of security tools and processes
- Documentation: Maintain thorough documentation of use cases, log source configurations, and SOAR playbooks for future reference and compliance purposes
Requirements
- Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field
- 6+ years in cybersecurity, ideally as SOC-Engineer
- Hands-on knowledge of SIEM, and security analytics tools (e.g. Microsoft Sentinel, Microsoft Defender XDR, Elastic SIEM)
- Familiarity with SOAR platforms and automation processes (especially Microsoft Logic Apps, Microsoft Sentinel Automations)
- Experience in security log source onboarding & automation of security tasks
- Proficiency in scripting and programming languages (e.g. Python, PowerShell) for automation tasks
- English is a Must, German and French are a plus
- Understanding of cybersecurity frameworks and standards (e.g. ISO27001, NIST, GDPR)
- Strong analytical, problem-solving skills and communication skills
- Following certificates are a plus: GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), Cloud certifications (AWS, Azure, or GCP)
Benefits
- Attractive salary and social benefits
- Flexible and hybrid working
- Freedom for creative work
- Safe and secure workplace
- Individual development and training opportunities
- Meal voucher
- Life and accident insurance
- Exclusive offer for a premium private health insurance package
- Bonus payments for Christmas and holidays, based on the collective agreement
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cybersecurity Operations Director leading cybersecurity managed services operations at a global accounting firm. Overseeing teams, driving growth, and serving as an advisor to clients.
L2 SOC Analyst managing security incidents and responses at Keyloop, focusing on digital transformation in the automotive sector.
Security Operations Analyst responsible for developing security processes and incident response. Collaborating with multiple teams for security best practices in a hybrid work environment.
Security Manager leading IAM and SecOps at fintech solutions provider in Brazil. Developing and implementing information security programs aligned with best practices and compliance requirements.
Security Engineer enhancing cybersecurity tools and solutions for The Walt Disney Company. Performing system analyses and developing security configurations for improved protection against cyber threats.
Security Operations Lead responsible for security operations aligning with policies and compliance. Handling incident response, vulnerability management, and supporting IT teams with security expertise.
SOC L2 Analyst responsible for security monitoring and incident investigation. Analyzing escalated alerts, conducting correlation with SIEM, and executing response actions.
Cyber Security Specialist protecting digital estate from threats at the University of Edinburgh. Focused on identifying and mitigating cyber risks while supporting teaching and research services.
Cybersecurity Incident Response Analyst detecting and responding to cyber threats at NOV. Collaborating using AI tools to enhance cybersecurity operations across IT, cloud, and OT environments.