Component Lead - Security Analysts (m/f/x)

at  REWE Group

JOB DESCRIPTION

• Provide leadership to Security Operations Center Analysts
• Training and mentoring the security analysts in the Security Operations team in the development of their cybersecurity knowledge, security specialization area and ongoing understanding of the current threat landscape
• Responding to security incidents, providing security recommendations and incident handling as required
• Ensuring security team adherence to internal policies, procedures, playbooks and guidelines
• Maintaining and developing internal processes, security procedures and remediation guidelines within business compliance requirements (eg. GDPR, ISO27001, NIS 2)
• Identifying opportunities to improve SOC Monitoring and Detection based on current threat landscape, best practices, lessons learned etc.
• Form requirements and needs for technical implementation of use cases towards internal SOC teams, focused on active collaboration
• Provide advice and guidance on procedural and technical security controls
• Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge
• Troubleshooting and helping to resolve security issues
• Acting as subject matter expert and primary escalation point of contact for security questions from internal teams
• Prepare reports of analysis and results to provide briefings to senior management
• Investigate, document and report on information security issues and emerging trends
• Contribute to the development and implementation of security governance in IT, ensuring application and infrastructure security principles are applied during design and into business as usual processes to reduce risk, drive adoption and adherence to policies, standards and guidelines by the wider business

QUALIFICATIONS

• 5+ years of experience working in a security operations environment, preferably in a senior security technical role or leading Security Analysts/Manager
• 2-3+ years of team lead/management experience
• Successfully completed studies (computer science, information security, IT security, cybersecurity) or comparable training
• Experience with Security Operations Center, network event analysis and/or threat analysis
• Experience working as an Incident Responder
• Strong knowledge of industry standard SOC tools usage and implementation.
• Strong knowledge of various security methodologies and technical security solutions
• Advanced knowledge of current vulnerabilities and attacks
• Technical expertise in network security including VPN, firewall, web server security and Cloud
• Experience analyzing data from cybersecurity monitoring tools, including proven record in using SIEM, XDR, EDR, NDR, PAM and Threat Intelligence solutions
• Ability to analyze endpoint, network, and application logs
• A track record of delivery working within a fast paced and pressured environment
• Excellent spoken and written communication skills for both technical and non-technical audiences in German and English
• Industry certifications such as: CISSP/CISM, SANS GIAC Certifications, C.E.H/L.P.T, or other relevant certs are considered a plus
• Entrepreneurial mindset and strong analytical and conceptual skills
• A precise, responsible mindset and reliability are among your strengths
• Very good presentation and moderation skills
• Technical knowledge of the products – Splunk, SentinelOne, Proofpoint, Cyberark is an advantage
• Knowledge of frameworks and standards in the SOC environment such as Cyber Kill Chain, MITTRE, SOC CMM or similar standards
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Ability to perform independent analysis of complex problems and distill relevant findings and root causes
• Strong problem-solving and troubleshooting skills

Please refer the Job description for details