Career Level:

Become part of a vital chain and contribute to our common goal of making people’s lives better. Headquartered in Lachen, Switzerland, Octapharma is one of the largest human protein manufacturers in the world, developing and producing medicines sourced from human plasma and human cell lines. We are a privately-owned company, where the warmth of family meets the scale of a global organisation.

Join us in shaping our vision to provide new health solutions advancing human life.

Join Octapharma’s Cyber Security Operations team (SOC) and take a leading role in safeguarding our global business. As the Group Lead Expert for Security Operations, you will work closely with internal teams and external security partners to protect Octapharma, its key stakeholders, and partners from evolving cyber threats.

Your main tasks and responsibilities

• Detect, monitor, analyze, and investigate security events and alerts to identify, triage, and neutralize threats.
• Conduct proactive threat hunting to uncover potential risks before they escalate.
• Collaborate with corporate and local IT teams to contain and remediate incidents effectively.
• Contribute to the continuous improvement of SOC tools, procedures, and response capabilities.
• Enhance SIEM rules and develop playbooks to strengthen our incident response processes.
• Lead training exercises, post-incident reviews, and process improvement initiatives.
• Manage medium to large-scale security projects, and support operational tasks across the SOC.
• Deputize for other SOC members when required, ensuring seamless operational continuity.

• Minimum of 6 years of relevant Cyber Security experience with an understanding of the current security landscape including prevalent threats, existing technology and modern security architectures
• Industry licenses and certifications (Security+/CISSP, GCIA, GSOC, GCDA)
• Experience with providing escalation detail to incident response and threat intelligence services.
• Ability to monitor, analyze, and triage security events accurately and transpose their consequence to a business context.
• In-depth knowledge of current threat landscape, offensive tooling, and OWASP and MITRE ATT&CK® techniques
• Be able to Analyse various events, including but not limited to web traffic, underlying network protocols, malware, lateral movement TTPs (techniques, tactics, and procedures), or Microsoft and Linux security events
• Understanding of the operations and features of network security devices and tools (Firewalls, IDS/IPS, Antivirus/Antimalware/Endpoint Protection solutions, URL Filtering, DLP tools, SIEM tools, etc.)
• Knowledge of malware behaviour
• Knowledge of NIST best practices
• Logfile correlation and analysis
• System and memory analysis

The Cyber Security team wish to welcome an aspiring candidate as part of our small team to make a positive impact on our expanded goals in our Security Operations Centre.
- Richard Kearney, Group Director Information Security

Thrive with us

• You help save lives - Every day is meaningful as we produce life-saving medicines
• Family values - Long-term perspective for employees and relationships
• Be rewarded with market-related salary and benefits package
• You will have a high level of influence where you can make a difference and leave your footprint
• Work with skilled and fun colleagues in a relatively informal organization
• Skills development - We offer various internal and external employee and leadership trainings, trainee programs and digital solutions
  
  

It´s in our blood

We live diversity and stand for equal opportunities as an employer! We therefore look forward to receiving your application - regardless of age, gender, origin, sexual orientation, and religion. Please apply in English.

Do you have any questions? Then get in touch with your contact person.

Mrs. Claudia Vignau