Liebherr Group

Senior Security Operations Center Specialist

full-time

Location Type: Hybrid

Location: Madrid • 🇪🇸 Spain

Job Level

Senior

Tech Stack

AWS, Azure, Cloud, Cyber Security, Google Cloud Platform, Python

About the role

  • Use Case Development: Design and test new security use cases to enhance the detection and response capabilities of Liebherr’s SIEM system
  • Log Source Onboarding: Onboard and integrate various log sources into the SIEM system, ensuring comprehensive visibility across the organization’s IT environment
  • SOAR Playbook Implementation: Design, implement, and maintain SOAR playbooks to automate incident response processes and improve operational efficiency
  • System Optimization: Continuously evaluate and optimize the performance of the SIEM and SOAR systems to ensure they meet the evolving security needs of the organization. Also optimize costs with regard to log sources and their retention
  • Threat Detection Engineering: Design and implement advanced detection techniques, perform threat hunting, and lead tuning exercises and detection gap analysis
  • Collaboration: Work closely with the SOC team and other IT departments to ensure seamless integration of security tools and processes
  • Documentation: Maintain thorough documentation of use cases, log source configurations, and SOAR playbooks for future reference and compliance purposes

Requirements

  • Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field
  • 6+ years in cybersecurity, ideally as a SOC engineer
  • Hands-on knowledge of SIEM and security analytics tools (e.g. Microsoft Sentinel, Microsoft Defender XDR, Elastic SIEM)
  • Familiarity with SOAR platforms and automation processes (especially Microsoft Logic Apps, Microsoft Sentinel Automations)
  • Experience in security log source onboarding & automation of security tasks
  • Proficiency in scripting and programming languages (e.g. Python, PowerShell) for automation tasks
  • English is a must; German and French are a plus
  • Understanding of cybersecurity frameworks and standards (e.g. ISO 27001, NIST, GDPR)
  • Strong analytical, problem-solving and communication skills
  • The following certificates are a plus: GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), Cloud certifications (AWS, Azure, or GCP)

Benefits

  • Attractive salary and social benefits
  • Flexible and hybrid working
  • Freedom for creative work
  • Safe and secure workplace
  • Individual development and training opportunities
  • Meal voucher
  • Life and accident insurance
  • Exclusive offer for a premium private health insurance package
  • Bonus payments for Christmas and holidays, based on the collective agreement

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
SIEM, SOAR, security analytics, scripting, programming, threat detection, log source onboarding, automation, detection gap analysis, incident response

Soft skills
analytical skills, problem-solving skills, communication skills, collaboration

Certifications
GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), AWS, Azure, GCP