Threat Detection and Response Expert - Hybrid - Germany/Frankfurt

Project assessment

The posting gives a very detailed view of the requirements for a Threat Detection and Response Expert, with a clear hybrid working arrangement (3 days in the Frankfurt office, 2 days remote) and comprehensive technical and professional expectations of the candidate.

Hello Everyone



We at CosMicIT are urgently looking for a Threat Detection and Response Expert



Locations: Frankfurt



Experience: 5+Years



Job Type: Hybrid (3 Days Office, 2 Days Remote)



Job Description



Team description and details of role



The Threat Detection & Response Manager works within the Security Operations Center (dbSOC), which operates in a follow-the-sun model. He/she is responsible for the monitoring, detection and analysis of information security events and incidents.

Additionally, he/she acts as a specialist for information security incident response processes to protect the Bank, its partners and its clients from any potential loss. Besides operational tasks, he/she will support the evaluation and adjustment of processes, tools and reporting, and will lead smaller projects.

The objective is to identify and close gaps in the event detection, as well as improving the detection, analysis, and response of security events, ideally in an automated way.

Focus is on events in the area of network, endpoint and cloud security (GCP/Chronicle).



Responsibilities

Perform risk assessments to evaluate the criticality of information security events

Monitoring, detection, and analysis of security-relevant events, including response and documentation

Improvement of the current threat detection capabilities, ideally via automation of standard processes

Ensuring effective daily operations and managing the workload of the Threat Detection & Response Team

Acting as escalation and contact point for more critical cases, complaints or process queries

Definition, review and enhancement of Threat Detection & Response processes and tools

Ensuring that predefined processes and SLAs are met

Reporting of information security incidents to senior management and regulators

Supporting the entire SOC team with your security expertise and process know-how

Disciplinary leadership of a small team



Required Experience

Good understanding of enterprise technologies, especially security devices, network engineering, operating systems, databases and application-level security configurations

Experience analyzing system logs, including network traffic logs, payloads, event logs, application logs, firewall logs, Active Directory logs, etc.

Experience with Security Information and Event Management (SIEM) systems, ideally with Splunk Enterprise Security and Chronicle SecOps

Good knowledge of current threat landscape and attack scenarios/tactics, as well as containment and protection measures



Fluent English skills

Very good communication, analytical and documentation skills

Independent way of working with strong problem-solving ability

Experienced in communicating with higher management levels

Ideally project management skills and experience

Ideally experience in KPI reporting

Ideally first leadership experience



Education/Experience

Degree in IT, Information Security or a comparable field, or a comparable apprenticeship

Cyber Security expertise, proven by industry-standard certifications, such as CISSP, CISM, GCIH or similar

Ideally experience with cloud monitoring (Azure, Google Cloud)

Knowledge of risk assessment tools, technologies and methods

Experience with monitoring and logging tools (e.g., Splunk)

Experience with cloud native SIEM or SOAR tools (e.g. Google Chronicle)



Eligible candidates, please send your resume/CV to CV@cosmic-it.com



Referrals are also welcome.



Thanks & Regards,

CosMicIT GmbH, Germany 🇩🇪

CosMicIT Informatics India Pvt Ltd. 🇮🇳

CosMicIT Spolka Z Ograniczona Odpowiedzialnoscia, Poland 🇵🇱

www.CosMic-IT.com | www.CosMic-IT.in

LinkedIn: https://www.linkedin.com/company/cosmic-it/

Tags: Information Security, Risk Analysis, SIEM, Splunk, Active Directory, Automation, Microsoft Azure, Cloud Security, Databases, Incident Response

Type of employment

contracting

Posted on

16 September 2025

Offered by:

Freelancermap
