Security Operations Center (SOC) Engineer

What will you do

The mission of Heidelberg Materials SOC Engineer is to support the technical infrastructure and tools used within the SOC. The role involves deploying, configuring, and maintaining security systems and technologies, such as SIEM (Security Information and Event Management) platforms, intrusion detection systems, firewalls, and endpoint protection solutions. The SOC Engineer works closely with other teams to ensure the proper integration of security solutions, perform system upgrades, and troubleshoot technical issues. The SOC Engineer also contributes to the development of incident response playbooks and procedures, as well as assists in the automation of security processes. The SOC Engineer actively participates in security tool evaluations, testing, and implementation. The mission is to maintain a robust and reliable security infrastructure that enables efficient monitoring, analysis, and response to security events and incidents within the SOC.

Key responsibilities

• Deploy, configure, and maintain security technologies and tools within the Security Operations Center (SOC), such as SIEM (Security Information and Event Management) systems, intrusion detection/prevention systems, firewalls, and endpoint protection solutions.

• Troubleshoot and resolve technical issues related to security systems, escalating to vendors or higher-level support as necessary.

• Support the implementation of security controls, such as access controls, encryption, and authentication mechanisms.

• Conduct regular maintenance, upgrades, and patching of security systems to ensure their optimal performance and adherence to security standards.

• Collaborate with SOC analysts and incident response teams to investigate and respond to security incidents.

• Monitor the health and performance of security infrastructure, including system logs, alerts, and incident response processes.

• Participate in security assessments, vulnerability scans, and penetration tests to identify and address potential weaknesses in the infrastructure.

• Assist in the evaluation and selection of new security tools and technologies, conducting proof-of-concept testing and vendor evaluations.

You are an ideal candidate, if you have:

• Bachelor's degree in computer science, cybersecurity, or a related field, or equivalent work experience.

• Proven experience working in a security operations center (SOC) or similar cybersecurity role.

• Fluency in English is required, with proficiency in German being advantageous.

• Proficiency in deploying, configuring, and maintaining security systems and technologies within a SOC environment.

• Strong knowledge of security technologies, tools, and frameworks, such as SIEM, IDS/IPS, firewalls, and endpoint protection.

• Experience with implementing and working in compliance with NIST and ISO 27001 frameworks for information security management.

• Experience with vulnerability scanning tools and techniques to identify and remediate security vulnerabilities.

• Experience in troubleshooting and resolving technical issues related to security systems

• Familiarity with security incident response processes and procedures.

• Familiarity with log management and analysis tools for efficient monitoring and analysis of security logs, events, and incidents.

• Knowledge of scripting or programming languages commonly used in cybersecurity, such as Python, PowerShell, or Bash.

• Familiarity with Microsoft Security Suite Products

• Familiarity with cloud security concepts and experience in securing cloud environments, such as AWS or Azure.

• Understanding of security assessment methodologies, such as penetration testing and ethical hacking, to evaluate the effectiveness of security controls.

• Strong analytical and problem-solving skills, with the ability to assess complex security incidents and provide effective solutions.

• Willingness to work in shifts, including weekends, public holidays, and nights, to ensure 24/7 coverage and timely response to security incidents when necessary.

What we offer

• Home Office including hardware and daily compensation

• 7,5-hour workday and 5 weeks of vacation

• Company reserved parking (car, motorbike, bike and lockers)

• Leisure time card (sport, education, wellness, health, culture)

• Daily meal contribution

• Career opportunities in IT area

• Extensive trainings (technical and soft skills)

• Employee focus groups & surveys about company topics

• Language courses (GER, EN, CZE)