Lead Security Monitoring and Response Analyst at Mastercard coordinating enterprise crisis response and ensuring organizational resilience. Managing multi - region incident response and critical operations continuity.
About the role
- Use Case Development: Design and test new security use cases to enhance the detection and response capabilities of Liebherr’s SIEM system
- Log Source Onboarding: Onboard and integrate various log sources into the SIEM system, ensuring comprehensive visibility across the organization’s IT environment
- SOAR Playbook Implementation: Design, implement, and maintain SOAR playbooks to automate incident response processes and improve operational efficiency
- System Optimization: Continuously evaluate and optimize the performance of the SIEM and SOAR systems to ensure they meet the evolving security needs of the organization. Also optimize costs in regards to Log sources and their retention
- Threat Detection Engineering: Design and implement advanced detection techniques and perform threat hunting as well as lead tuning exercises and detection gap analysis
- Collaboration: Work closely with the SOC team and other IT departments to ensure seamless integration of security tools and processes
- Documentation: Maintain thorough documentation of use cases, log source configurations, and SOAR playbooks for future reference and compliance purposes
Requirements
- Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field
- 6+ years in cybersecurity, ideally as SOC-Engineer
- Hands-on knowledge of SIEM, and security analytics tools (e.g. Microsoft Sentinel, Microsoft Defender XDR, Elastic SIEM)
- Familiarity with SOAR platforms and automation processes (especially Microsoft Logic Apps, Microsoft Sentinel Automations)
- Experience in security log source onboarding & automation of security tasks
- Proficiency in scripting and programming languages (e.g. Python, PowerShell) for automation tasks
- English is a Must, German and French are a plus
- Understanding of cybersecurity frameworks and standards (e.g. ISO27001, NIST, GDPR)
- Strong analytical, problem-solving skills and communication skills
- Following certificates are a plus: GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), Cloud certifications (AWS, Azure, or GCP)
Benefits
- Attractive salary and social benefits
- Flexible and hybrid working
- Freedom for creative work
- Safe and secure workplace
- Individual development and training opportunities
- Meal voucher
- Life and accident insurance
- Exclusive offer for a premium private health insurance package
- Bonus payments for Christmas and holidays, based on the collective agreement
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
IT - Security & Resilience Chief Engineer focusing on Security Monitoring for LBBW. Leading IT - Security projects and ensuring compliance and operational security within IT.
Director leading security operations and enhancing vulnerability management at IDEXX. Driving strategic execution and operational excellence across key domains in cybersecurity.
DE
IT Security Operations Specialist ensuring security of global networks, systems, and data. Implementing security controls and performing advanced threat hunting using Microsoft Sentinel and Darktrace.
SU
SunrunStaff SOC Analyst
Staff SOC Analyst driving advanced threat detection and incident response for Sunrun's security team. Leading complex investigations, mentoring analysts, and improving detection capabilities in a remote setup.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst focusing on critical events and risk management operations at Netflix. Monitoring global threats and coordinating incident management efforts in a hybrid work setting.
BI
Bogaard Group International, Inc.GSOC Analyst
GSOC Analyst monitoring global events and managing critical incidents for Netflix's security operations. Ensuring timely communication and assessment during major security threats.
AS
A SocietySecurity Operations Center Engineer
Security Operations Center Engineer enhancing security posture via automation and threat hunting. Requires strong experience with SIEM and SOAR platforms and Python scripting.
CA
Credit AcceptanceSecurity Operations Vulnerability Analyst II
Security Operations Vulnerability Analyst II identifying and mitigating security vulnerabilities. Collaborating with teams to ensure timely risk remediation and protection of enterprise systems.
ON
OntinueSOC Analyst
Cyber Defender (SOC Analyst) acts as the key point of contact for major security incidents. Coordinating response efforts and enhancing procedures at a leading AI - powered security partner.