Cybersecurity Expert – Senior Information Security Incident Manager (f/m/d)

Eckdaten der angebotenen Stelle

ArbeitgeberUniper Energy
Postleitzahl99986
OrtNiederdorla
BundeslandThüringen
Gepostet am12.11.2024
Remote Option?-
Homeoffice Option?-
Teilzeit?-
Vollzeit?-
Ausbildungsstelle?-
Praktikumsplatz??-
Unbefristet?-
Befristet?-

Stellenbeschreibung

Cybersecurity Expert - Senior Information Security Incident Manager (f/m/d) Our team Cyber Security is looking for you!We are UniperAt Uniper, we are pro-actively transforming the world of energy whilst at the same time ensuring security of energy supply. As an internationally operating company, we work in very diverse teams with the greatest possible working time flexibility for our employees. Our corporate culture is characterized by equal opportunities, mutual appreciation, and respect. With us, you will be able to develop new business models, work on technological solutions for a modern, sustainable, and future-oriented energy supply as well as pro-actively help to shape changes. Interested? Then we will look forward to meeting you!Your responsibilitiesOverview:The Uniper Cybersecurity Operations Center is continuously enhancing its capabilities to strengthen our cybersecurity readiness and response to evolving threats. To meet our growing maturity and scalability demands, we are expanding our internal team to bolster skills, capacity, and gain fresh external perspectives to refine our incident response and cybersecurity functions.Role Description:We are seeking skilled and experienced professionals with proven expertise in cybersecurity. You should be confident in assessing, classifying, and investigating potential threats or incidents. Ideally, you hold certifications such as Incident Handler and have deep knowledge of Microsoft products, Cloud Solutions, Palo Alto, PowerBI, and automation tools. Experience in forensics and using forensic tools is essential, along with strong familiarity with querying and coding languages.You possess the ability to handle complex situations and communicate confidently with both technical and non-technical audiences. Your work is well-organized, and you consistently produce high-quality documentation, striving for continuous improvement in processes and procedures. Fluency in both English and German is required. If you're someone who thrives in dynamic environments and constantly seeks improvement— we want you on our team!Key Responsibilities:Incident Lifecycle Management: Manage and coordinate the full lifecycle of information and cybersecurity incidents, including detection, containment, eradication, and restoration of affected systems. Act as the central communication point, coordinating incident management activities with IT and OT teams, service providers, suppliers, and other relevant stakeholders from start to finish.Technical Expertise & Threat Identification: Leverage a strong technical background across multiple disciplines (Cloud, infrastructure, architecture, Industry 4.0) with a focus on information security. Identify malware types, infection methods, and objectives, while extracting and defining Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs).Threat Analysis & Monitoring: Analyze system logs, including network traffic, payloads, event logs, application logs, and firewall logs to detect and understand security incidents. Contribute to threat hunting activities, pen tests, forensic analysis, and continuous monitoring to enhance security posture.SOC & Automation Integration: Apply experience in setting up or working within modern Security Operations Centers (NextGen/Fusion/Converged Cyber Defense Ops) with automation, orchestration, and threat intelligence tools. Familiarity with tools like Palo Alto XSOAR/XSIAM, MS Sentinel, and Defender for Cloud is highly valued.Network & Endpoint Security: Provide expertise in network security and incident handling, with experience in managing firewalls and using advanced security solutions like Microsoft E5 Security (e.g., Palo Alto Cortex, MS Defender XDR).Threat Intelligence & Vulnerability Management: Collaborate with teams focused on Threat Intelligence and Vulnerability Management, ensuring proactive identification of threats and tracking remediation efforts. Familiarity with frameworks like Mitre ATT&CK and tools like MISP and Mandiant is preferred.Documentation & Reporting: Prepare high-quality reports on security incidents, findings, and lessons learned. Generate documentation for processes, procedures, and playbooks, ensuring clear communication of outcomes to both technical and non-technical audiences. Crisis management and communications expertise are considered advantageous.Emerging Threat Awareness: Stay informed about emerging threats and exploit vectors, sharing insights with leadership and cross-functional teams to inform decision-making and ensure continuous improvement.Communication & Collaboration: Work closely with cross-functional teams, delivering clear, concise communication on security incidents, vulnerabilities, and mitigation strategies to all levels of the organization.Your profileQualifications:Education: Bachelor’s or Master’s degree in Computer Science, IT Security, Business Informatics, or a related field.Experience: Minimum of 8 years in IT security with over 3 years of hands-on experience in Cyber Defense Operations Centers (CDC) or Security Operations Centers (SOC). Proven expertise in managing cybersecurity incidents, cyber defense operations, and threat intelligence with a strong technical background.Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar. Incident Response certifications such as E|CIH, GCIH, or GEIR are preferred. IT vendor certifications, particularly in Microsoft Azure and Palo Alto, would be advantageous.Analytical Skills: Strong ability to analyze complex threat data, detect patterns, and develop actionable intelligence. Expertise in working with Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) to enhance security operations.Human Skills: Experience working within international teams, adept at managing intercultural communications, and promoting effective collaboration despite differing opinions or perspectives.Other Requirements: Fluency in both spoken and written English and German is a plus.Key Attributes:Innovative & Analytical: You challenge the status quo, bringing new ideas and innovative solutions to the table. You are constantly looking for ways to enhance processes, especially in cybersecurity and technical problem-solving.Team Player: While you thrive in individual tasks, you excel in collaborative environments and work well within cross-functional teams. You proactively offer assistance, contributing to team success even without being asked.Problem Solver: You are an independent thinker and an excellent listener, capable of delivering effective solutions. You maintain your composure under pressure and solve complex technical challenges with ease, particularly in the context of cybersecurity operations.Ownership & Accountability: You take full ownership of your work, ensuring accountability in every task. You deliver results that align with the organization’s goals and continually improve its cybersecurity defenses.Strong Communicator: You possess excellent verbal and written communication skills, adept at explaining complex technical issues to both technical and non-technical audiences. You aren’t afraid to speak up, ensuring clarity in all communications.Passionate & Motivated: You bring energy and enthusiasm to your work, balancing hard work with a positive attitude. You inspire and motivate those around you, staying engaged and driven to achieve top-tier results while enjoying your work.Technical Expertise: Your skills extend to working with cybersecurity frameworks, threat intelligence tools, and coding languages like Python, KQL, and XQL. You leverage this technical knowledge to innovate and solve security challenges.This role demands a high level of expertise, leadership, and communication skills, ensuring that you contribute significantly to cybersecurity efforts while fostering a culture of innovation and accountability.At Uniper, we not only reward our employees with attractive salaries, an excellent company pension and health-related benefits for their hard work and dedication to shaping the future energy transition. You can also expect a supportive working culture that offers a wide range of creative and innovative ideas. We enable various flexible working arrangements, whilst also supporting with home office equipment.Through regular training and workshops, together we work towards visualising yourself in our company as if it were your own. We support you in highlighting your individual potential, achieving your personal goals, and reaching your ambitions. We invite you to become part of our diverse company with international colleagues from more than 80 countries.Your contactIf you have any questions, please do not hesitate to contact us at:career@uniper.energyAttention! Please apply via the button in this portal. Application documents that reach us by post will not be returned and, like those we receive by e-mail, can unfortunately not be considered!As an employer, Uniper is committed to diversity and equal opportunities. Therefore, we encourage applications from suitably qualified individuals whose capabilities match the role requirements regardless of gender, origin, disability, age, religion, ideology, sexual identity or marital status. We live inclusion and support flexible working. #J-18808-Ljbffr