Security Operations Center (SOC) Analyst

What will you do

The mission of Heidelberg Materials SOC Analyst is to monitor and analyze security events and incidents within the organization's infrastructure. The role involves continuously monitoring security alerts, conducting investigations, and performing in-depth analysis to identify and mitigate potential threats. Heidelberg Materials SOC Analysts leverage various security tools and technologies to detect and respond to security incidents promptly. They analyze security logs, conduct threat hunting, and provide incident response support. SOC Analysts also collaborate with other teams to investigate incidents, perform vulnerability assessments, and develop recommendations to improve security posture. Their mission is to ensure timely detection, analysis, and response to security incidents, thereby minimizing the impact of potential breaches and protecting critical assets.

Key responsibilities

• Monitor security events and incidents in real-time to detect potential threats and intrusions.

• Maintain and configure security monitoring tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems, and log management solutions.

• Provide on-call support for handling critical security incidents outside regular business hours.

• Investigate and analyze security alerts, logs, and reports to identify security incidents and determine the root cause.

• Conduct in-depth analysis of security events to assess the potential impact and recommend appropriate response actions.

• Perform threat hunting activities to proactively search for signs of advanced threats and vulnerabilities.

• Collaborate with incident response teams to develop and execute incident response plans and procedures.

• Collaborate with cross-functional teams to ensure the effective implementation of security controls and best practices.

You are an ideal candidate, if you have:

• Bachelor's degree in computer science, cybersecurity, or a related field, or equivalent work experience.

• Proven experience working in a security operations center (SOC) or similar cybersecurity role.

• Fluency in English is required, with proficiency in German being advantageous.

• Familiarity with security technologies and tools, such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, and endpoint protection.

• Experience with implementing and working in compliance with NIST and ISO 27001 frameworks for information security management.

• Proficiency in analyzing security logs, alerts, and reports to identify and investigate potential threats.

• Knowledge of incident response methodologies and procedures.

• Experience with threat hunting techniques and proactive threat detection.

• Ability to conduct vulnerability assessments and penetration testing.

• Familiarity with scripting or programming languages commonly used in cybersecurity, such as Python, PowerShell, or Bash.

• Knowledge of cloud security concepts and experience with securing cloud environments, such as AWS or Azure.

• Strong analytical and problem-solving skills, with the ability to assess complex security incidents and provide effective solutions.

• Willingness to work in shifts, including weekends, public holidays, and nights, to ensure 24/7 coverage and timely response to security incidents when necessary.

What we offer

• Home Office including hardware and daily compensation

• 7,5-hour workday and 5 weeks of vacation

• Company reserved parking (car, motorbike, bike and lockers)

• Leisure time card (sport, education, wellness, health, culture)

• Daily meal contribution

• Career opportunities in IT area

• Extensive trainings (technical and soft skills)

• Employee focus groups & surveys about company topics

• Language courses (GER, EN, CZE)

• Mobile phone with company tariff

• Relax area and terrace