Security Operations Centre Analyst (f/m/d)

Posted: 22 hours ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

Introducing Thinkproject Platform

Pioneering a new era and offering a cohesive alternative to the fragmented landscape of construction software, Thinkproject seamlessly integrates the most extensive portfolio of mature solutions with an innovative platform, providing unparalleled features, integrations, user experiences, and synergies. By combining information management expertise and in-depth knowledge of the building, infrastructure, and energy industries, Thinkproject empowers customers to efficiently deliver, operate, regenerate, and dispose of their built assets across their entire lifecycle through a Connected Data Ecosystem.

What your day will look like

We are looking for a skilled Security Operations Analyst to join our team and help protect Thinkproject from evolving cyber threats. In this role, you will be responsible for monitoring, detecting, investigating, and responding to security events across our environments, including endpoints, networks, cloud platforms, and applications. You will play a key role in managing security tools such as SIEM, EDR, threat intelligence feeds, and vulnerability scanners to support effective incident detection and response.

The Security Operations Analyst will work closely with cross-functional teams including IT, DevOps, and incident response to ensure swift and coordinated resolution of security incidents. You will also participate in proactive threat hunting, analysing threat feeds to identify potential risks relevant to our environment. Maintaining accurate documentation and knowledge sharing will be essential to the role, alongside contributing to continuous improvement of our SOC processes and capabilities.

The ideal candidate will have experience working within a Security Operations Centre (SOC) environment. They should possess hands-on expertise in managing logging and monitoring solutions, particularly Security Information and Event Management (SIEM) systems. The candidate should be well-versed in tuning detection rules, managing alerts, and leveraging SIEM data for effective incident triage and response. Additionally, experience implementing automation to enhance response times and reduce operational overhead through streamlined workflows and playbooks is highly desirable.

The role will involve handling both reactive responses to security events of varying criticality and proactive measures to enhance the organization's security posture. Familiarity with cloud platforms such as Azure and AWS is advantageous.

This role sits within the Product Operations and Corporate IT branch, reporting to the Director of Cyber Security and Networking, and operates as part of the broader Cyber Security, Network and Security Engineering Teams.

Main Responsibilities:

  • Respond competently to security events and alerts from SIEM, EDR, and other security tools across endpoints, infrastructure, cloud environments, and applications.
  • Conduct threat hunting activities focused on analysing threat intelligence feeds to detect emerging threats and potential attack vectors.
  • Analyse logs and security data to support incident detection, investigation, and root cause analysis.
  • Independently manage cybersecurity incidents from identification through to resolution, coordinating with relevant stakeholders as needed.
  • Operate, configure, and tune SIEM platforms and security tools, contributing to improved detection accuracy and reduced false positives.
  • Develop, maintain, and execute incident response playbooks and automation solutions to streamline response efforts.
  • Handle multiple investigations and routine SOC tasks simultaneously, prioritizing workload effectively.
  • Perform forensic analysis during incident investigations, including evidence collection and documentation.
  • Collaborate with IT, DevOps, and other teams to ensure timely incident containment and remediation; escalate complex issues when necessary.
  • Manage outputs from cybersecurity assessment tools, coordinating with teams to ensure mitigation of identified vulnerabilities and risks.
  • Participate in security exercises and testing to identify gaps in coverage and detection capabilities.
  • Contribute to the ongoing maturation of the Security Operations Centre by introducing new logging, monitoring, and response solutions to enhance departmental operations and improve cybersecurity coverage.
  • Maintain clear and detailed documentation of investigations, alerts, and incidents to support knowledge transfer and reporting.
  • Proactively pursue professional development opportunities to stay current with evolving threats and security technologies.
  • Adapt SOC processes, solutions, and procedures to enhance the monitoring of the organization's IT network health.
  • Provide Security Operations Centre coverage on a rota basis, ensuring support is maintained in line with the organization’s commitments.

What you need to fulfill the role

You Must Have:

Language & Communication
  • Proficiency in spoken and written English, with the ability to communicate effectively across both technical and non-technical audiences
  • The ability to communicate difficult or sensitive information tactfully

Education & Experience:

  • A bachelor’s degree in Cyber Security or a related field, or equivalent professional experience
  • Strong knowledge of cybersecurity principles, threat landscapes, and incident response procedures
  • Awareness of current and emerging cyber threats affecting SaaS organisations

Technical Skills:

  • Hands-on experience with Security Information and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) platforms, threat intelligence platforms, and vulnerability identification tools
  • Experience managing security issues identified through internal tools and external assessments, ensuring remediation is completed in line with company policies and standards
  • Experience in tuning detection rules and alerts to improve accuracy and reduce false positives in security monitoring.

SOC Operations:

  • Experience in incident response and investigation, including forensic evidence handling and root cause analysis
  • Experience managing business-as-usual (BAU) security operations workload alongside project-based work, both independently and in coordination with other team members
  • Experience managing outputs from cybersecurity assessment tools, coordinating timely mitigation and remediation with key stakeholders.

Teamwork & Leadership:

  • A positive, self-motivated attitude
  • The ability to work effectively in a team environment, collaborating with cross-functional teams to achieve shared objectives
  • Strong time management and prioritisation skills, with the ability to manage your own workload
  • The ability to perform effectively under pressure, prioritise tasks, and make sound decisions in high-stress or emergency situations
  • A proactive mindset with the ability to critically evaluate your own work, identify improvement opportunities, and automate, simplify, or standardise processes where appropriate

It Would Be Good to Have:

Language Skills:

  • Proficiency in German (spoken and written)

Technical Skills:

  • Hands-on experience with implementation of Security Information and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) platforms, threat intelligence platforms, and vulnerability identification tools
  • Experience integrating custom-built applications into SIEM platforms.
  • Experience with Security Orchestration, Automation, and Response (SOAR) platforms to develop, test, and execute automated response playbooks, enhancing SOC efficiency and speeding incident response.
  • Experience with threat hunting focused on application code, application and infrastructure architecture, leveraging strong programming skills and a solid understanding of the software development lifecycle (SDLC) and infrastructure components

SOC Operations:

  • Experience coordinating outsourced penetration tests, ensuring smooth execution without service disruption.
  • Experience implementing automation and playbooks to enhance response efficiency and reduce operational overhead.
  • Experience with security assessment exercises to evaluate SOC operational effectiveness and the organization's ability to respond to cyber security incidents.

Technical Expertise:

  • Experience with Azure, Azure AD, and AWS technologies and services
  • Experience conducting forensic analysis of cybersecurity incidents
  • Experience working within a software services organization

What we offer

Lunch 'n' Learn Sessions I Women's Network I LGBTQIA+ Network I Coffee Chat Roulette I Free English Lessons I Thinkproject Academy I Social Events I Volunteering Activities I Open Forum with Leadership Team (Tp Café) I Hybrid working I Unlimited learning

We are a passionate bunch here. To join Thinkproject is to shape what our company becomes. We take feedback from our staff very seriously and give them the tools they need to help us create our fantastic culture of mutual respect. We believe that investing in our staff is crucial to the success of our business.

Your Contact:

Aurélia Faisandel

Please submit your application, including salary expectations and potential date of entry, by submitting the form on the next page.

Working at thinkproject.com -

think career. think ahead.
