Senior Security Operations Center Analyst (f/m/d)

Job description

What your day will look like

We are looking for a highly experienced and technically skilled Senior Security Operations Centre (SOC) Analyst to join our team and play a key role in identifying, investigating, and responding to advanced security threats, issues and vulnerabilities across our organization.

This role requires deep expertise in monitoring and securing endpoints, networks, cloud platforms, applications, and infrastructure, with the ability to manage complex incidents independently and drive continuous improvement within the SOC function.

As a senior member of the team, you will lead investigations into sophisticated threats such as advanced persistent threats (APTs), malware outbreaks, and targeted attacks.

You will perform hands-on analysis of security events, including forensic evidence collection and root cause analysis, and contribute to the development of detection capabilities across SIEM, EDR, and other monitoring tools.

You will actively engage in threat hunting, leveraging your deep understanding of application code, infrastructure and hosting architectures (cloud and on-premise), the software development lifecycle (SDLC), and CI/CD pipeline solutions to identify risks that span traditional and cloud-native environments.

You will also play a key role in implementing and refining automation and playbooks utilising SOAR platforms to accelerate response efforts and reduce operational overhead.

The ideal candidate will have a strong technical foundation and a proactive mindset, with a passion for staying ahead of current and emerging threats.

You will collaborate closely with IT, DevOps, and application teams to improve detection coverage, enhance SOC processes, and ensure security operations are aligned with industry best practices and compliance requirements.

This role encompasses reactive incident response, proactive detection engineering, threat hunting, and vulnerability management.

You will also contribute to strategic initiatives including penetration testing coordination, security assessments, and audit preparation, while mentoring analysts, sharing threat intelligence insights, and maintaining SOC documentation and workflows.

This role sits within the Product Operations and Corporate IT branch, reporting to the Director of Cyber Security and Networking, and operates as part of the broader Cyber Security, Network, and Security Engineering teams.

Main responsibilities:

What you need to fulfill the role

You Must Have:

Language & Communication

· Proficiency in spoken and written English, with the ability to communicate effectively across both technical and non-technical audiences

· The ability to communicate difficult or sensitive information tactfully

Education & Experience:

· A bachelor’s degree in Cyber Security or a related field, or equivalent professional experience

· Strong knowledge of cybersecurity principles, threat landscapes, and incident response procedures

· Awareness of current and emerging cyber threats affecting SaaS organisations

Technical Skills:

· Hands-on experience with implementation, ongoing management and maturing of Security Information and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) platforms, threat intelligence platforms, and vulnerability identification tools

· Experience integrating custom-built applications into SIEM platforms

· Experience with implementation of automation solutions, enhancing SOC efficiency and speeding incident response

· Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms, including developing and maintaining automated response playbooks

· Experience with threat hunting focused on application code, application, infrastructure and hosting architecture, leveraging coding skills and a solid understanding of the software development lifecycle (SDLC) and infrastructure components

· Experience managing security issues identified through internal tools and external assessments, ensuring remediation is completed in line with company policies and standards

· Knowledge of common security frameworks and best practices

· Experience implementing solutions to detect and block security risks in CI/CD pipelines to prevent vulnerable code from being deployed into production

SOC Operations:

· Experience in complex incident response and investigation, including forensic evidence handling and root cause analysis

· Experience managing business-as-usual (BAU) security operations workload alongside project-based work, both independently and in coordination with other team members

· Experience managing outputs from cybersecurity assessment tools, coordinating timely mitigation and remediation with key stakeholders.

· Experience coordinating outsourced penetration tests, ensuring smooth execution without service disruption

· Experience conducting security assessment exercises to evaluate SOC operational effectiveness and the organisation’s ability to respond to cybersecurity incidents

· Experience in tuning detection rules and alerts to improve accuracy and reduce false positives in security monitoring

Technical Expertise:

· Experience with Azure, Azure AD, and AWS technologies and services

· Experience conducting forensic analysis of cybersecurity incidents

Teamwork & Leadership:

· A positive, self-motivated attitude

· The ability to work effectively in a team environment, collaborating with cross-functional teams to achieve shared objectives

· Strong time management and prioritisation skills, with the ability to manage your own workload

· The ability to perform effectively under pressure, prioritise tasks, and make sound decisions in high-stress or emergency situations

· A proactive mindset with the ability to critically evaluate your own work, identify improvement opportunities, and automate, simplify, or standardise processes where appropriate

It Would Be Good to Have:

Language Skills:

· Proficiency in German (spoken and written)

SOC Operations

· Experience conducting red or purple team exercises to validate detection capabilities and improve response playbooks

· Familiarity with security operations in containerised environments and microservices architectures (e.g., Kubernetes, Docker)

Technical Skills:

· Understanding of advanced detection engineering techniques, such as creating custom correlation rules and behavioural analytics in SIEM platforms

· Exposure to secure software development practices and security testing of APIs, containers, and cloud-native applications

· Experience conducting both external and internal penetration testing of applications and infrastructure.

Technical Expertise:

· Experience with Microsoft Sentinel SIEM Solutions

· Experience working within a SaaS or software-driven organisation, particularly in multi-tenant or cloud-native environments

Experience with AI technologies, including understanding the cybersecurity threats they pose to organizations and how they can be leveraged to enhance operational effectiveness.

What we offer

Required Skill Profession

Computer Occupations