My client is a leading provider of security services and solutions for security conscious companies and organisations around the world, focused on protecting their systems, data and processes.
This is an unique opportunity to be part of the team who provides bespoke and tailored solutions, on top of my client's standard service offering, meaning you would be working closely with the best Security minds, to provide the best solutions.
If you are enthusiastic about Cyber Security, autonomous in your work, with 3+ years experience in the field, then this position could be for you. Please see more details about the role below:
The main areas you will be covering as part of this leading team includes;
Threat Monitoring
- Serve as the primary contact for the Cyber Fusion Center on the client's behalf
- Assist with regular Cyber Fusion Center operations, including threat monitoring, security service management, endpoint detection and response, and vulnerability scanning services
- Investigate and remediate incidents escalated by the Cyber Fusion Center or the client's internal teams
- Develop detailed incident response playbooks tailored for the client
- Define, test, deploy, and execute specific use cases, threat hunting activities, and threat intelligence initiatives for the client
- Provide support for large-scale incident response efforts
Service Improvement
- Tune the client's SIEM rules to enhance operational performance
- Assist in the rules factory program to improve the overall detection set globally
- Evaluate, analyze, and recommend new standard data source requests
- Collaborate with Product teams to develop new services that align with operational capabilities
- Contribute to the client's security projects
- Implement new tools or scripts to improve the efficiency of security operations
General Responsibilities
- Ensure customer satisfaction and the overall success of managed services.
- Suggest improvements for Standard Operating Procedures.
- Recommend enhancements for tools and workflows.
- Document actions in tickets to effectively communicate information both internally and to customers.
- Follow policies, procedures, and security best practices.
We'd love to talk to you if...
- At least 3 years of experience in information security, particularly in cyber operations.
- Excellent client service skills.
- Knowledge of incident response processes, including detection, triage, incident analysis, remediation, and reporting.
- Experience with one or more of the following technologies: EDR/NGAV, SIEM (especially QRadar or Sentinel), Vulnerability Scanning, Managed Attacker Deception, SOAR.
- Experience reviewing and analyzing log data and network packet captures.
- Strong knowledge of Windows/Linux OS, network protocols, and scripting languages.
- Good knowledge of Cloud and OT/ICS technologies.
- Excellent understanding of the security landscape and various security visibility solutions (SIEM-based visibility vs. EDR).
- Native proficiency in German/Swiss German and fluency in English.
