About the project

• As a Senior SOC Engineer you will be responsible for monitoring, analysing and responding to security threats, using tools like SIEM and EDR platforms.
• You’ll lead the team in incident detection and response efforts, ensuring swift containment and recovery. Your role involves automating security workflows using Python to enhance efficiency and leveraging the MITRE ATT&CK framework to map and analyse threats and create a staged visualization of the relevant attacks that potentially will materialize.
• You will play a vital role as we reimagine the labour market to make it work for everybody.

Your responsibilities

• Analyse security data from diverse sources, including logs, EDR solutions, and network traffic, to identify and assess threats. Coordinate and lead security incident response efforts, including containment, eradication, and recovery.
• Develop and implement automation scripts and playbooks using Python to streamline incident detection, response, and reporting processes.
• Automate security alert triage, enrichment, and remediation workflows to reduce response time and improve efficiency.
• Use the MITRE ATT&CK framework to classify attack vectors, understand adversary behaviour, and enhance detection capabilities.
• Map security incidents and alerts to the MITRE ATT&CK tactics, techniques, and procedures (TTPs) for comprehensive analysis. Manage and configure EDR platforms for real-time endpoint monitoring and protection.

Our requirements

• 5+ years of experience in a Security Operations Center (SOC) or similar role with hands-on experience with SIEM tools (e.g., Sentinel, QRadar, ArcSight).
• Proficient in Python for automation and scripting.
• Strong understanding of Incident Response processes and methodologies and experience with MITRE ATT&CK framework to map and analyse threats.
• Knowledge of Endpoint Detection and Response (EDR) platforms (e.g., CrowdStrike, Carbon Black, SentinelOne). Familiarity with threat hunting techniques and processes.
• Certifications such as GSEC, CISSP, OSCP, MaD are preferred.

Technologies we use

What we offer

• Premium medical and dental care

• Life insurance

• Flex Benefits - Worksmile Cafeteria System (Multisport, vouchers, tickets etc.)

• Employee Referral Program

• Hackathons, Knowledge Sharing Hours, In-house projects

• Tech and sport communities

• Events and integration parties

• Charity initiatives, 2 extra volunteer days

• English/German classes

• Game room and chillout zone