Threat Detection specialist
- Employment type: Full-time
- €45,500 – €69,500 (estimated by XING)
- On-site
About this job
CyberGermany
A global organisation I am working with is looking for someone to join their Security Operations team in strengthening security measures, detecting potential threats, and responding rapidly to incidents.
Key Responsibilities
- Investigate and respond to escalated security incidents, conducting root cause analysis and implementing remediation plans.
- Collaborate with Cyber Security Operations (CySO) teams to coordinate responses and ensure accurate, timely communication.
- Manage the full security incident lifecycle, from detection to resolution, ensuring detailed documentation and stakeholder coordination.
- Perform post-incident reviews, track key security metrics, and refine processes to enhance future incident response.
- Develop training materials and enhance team capabilities in threat detection and response.
- Conduct proactive threat-hunting exercises and support strategic improvements in detection methodologies.
- Identify opportunities for automation to streamline security response processes.
- Stay ahead of emerging cybersecurity threats, continuously improving techniques and defenses.
- Provide clear, concise security briefings to senior stakeholders, including executive leadership, during major incidents.
- Ensure adherence to operational security procedures, incident reporting, and continuous process enhancement.
Requirements
- Bachelor's or Master's degree (or equivalent experience) in Cybersecurity, Information Technology, or a related field.
- Minimum of 3 years' experience in cybersecurity, with a focus on Threat Detection and Response (TDR) at a senior analyst level (L3-L4).
- Strong expertise in security incident investigations, threat analysis, and remediation strategies.
- In-depth knowledge of incident response and intrusion analysis frameworks (e.g., Cyber Kill Chain, Diamond Model) and hands-on experience with SIEM systems and network investigations.
- Experience working with security tools such as Microsoft Azure Sentinel, Microsoft Defender, QRadar, Palo Alto XSIAM, and other SIEM/logging platforms.
- Solid understanding of network protocols (DNS, HTTP, SMB) and deep knowledge of operating system forensics (Windows, Linux, Unix, AIX).
- Prior experience in a 24/7 Security Operations Center (SOC) environment, handling high-severity incidents under pressure.
- Ability to develop incident escalation procedures and proactively conduct Threat Hunting.
- Strong communication skills, with the ability to explain technical issues to both technical and non-technical audiences.
- Industry-recognized certifications (e.g., GCIA, GCIH, GCFA, Security+, Network+) are highly preferred.
- Background in Supply Chain, Logistics, or Transport industries is a plus.
- A team player who thrives in a fast-paced, collaborative environment.
Employee benefits
- Flexible working hours
- Home office
- Restaurant vouchers
- Childcare
- Company pension scheme
- Accessibility
- Health programmes
- Company doctor
- Training
- Good transport links
- Smartphone
- Profit sharing
- Events
- Private internet use
- Dogs welcome