(Senior) Security Analyst (m/f/x)
Rewe Group
- Wiener Neudorf, Niederösterreich
- € 45,100 per year
- Permanent
- Full-time
- Respond to security incidents according to the security incident response policy and procedures
- Provide technical guidance to first responders for handling information security incidents
- Provide timely and relevant updates to appropriate stakeholders and decision makers
- Communicate investigation findings to relevant stakeholders to help improve the information security posture
- Validate and maintain incident response plans and processes to address potential threats
- Compile and analyze data for management reporting and metrics
- Monitor relevant information sources (such as specific technology related news, Twitter, LinkedIn and information sharing and analysis centers) to stay up to date on current attacks and trends
- Analyze potential impact of new threats and establish new use cases together with our security platform engineers
- Perform or participate in root-cause analysis to document findings, and participate in root-cause elimination activities as required
- Create runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases
- Together with our security engineers you develop new use cases to further improve our capabilities
- Expand the reach of our existing tooling by onboarding new data sources and systems
- Work in close partnership with our infrastructure teams, information security officer and colleagues from the REWE Digital SOC
- Support an open feedback culture and a forward-looking error culture (learning organization)
- As part of your work, you identify potential security risks and forward them to the necessary authorities
- At least 3+/5+/8+ years of relevant professional experience as a security analyst or in a similar role in a security operations center
- Successfully completed studies (computer science, information security, IT security, cybersecurity) or comparable hands-on training
- Certified Information Systems Security Professional (CISSP) and/or Global Information Assurance Certification (GIAC) would be a benefit and/or other similar certifications
- Experience in solving problems and conflicts in complex corporate structures
- Strong problem-solving and troubleshooting skills
- Ability to work extremely well under pressure while maintaining a professional image and approach
- Ability to perform independent analysis of complex problems and distill relevant findings and root causes
- Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Knowledge of frameworks and standards in the SOC environment such as Cyber Kill Chain, MITRE or similar standards
- Proven record in using SIEM solutions, XDR, EDR, NDR and PAM
- Technical knowledge of the products Splunk, SentinelOne, Proofpoint and CyberArk is an advantage
- Technical expertise in network security, including VPN, firewall, web server security and Cloud
- Specific OT and IoT knowledge is considered a plus
- Knowledge of at least one scripting language (e.g. Perl, Python and PowerShell)
- A precise, responsible mindset and reliability are among your strengths
- Very good presentation and moderation skills
- Entrepreneurial mindset and strong analytical and conceptual skills
- Highly proficient in spoken and written English
- A willingness to learn the local language
- Long-term, interesting and varied work for a reliable employer in a supportive team
- A family-friendly company culture with flexible working hours and remote working options available
- Staff shopping and travel discounts
- Numerous training and further development opportunities within the Group (5% of working time for self-organized training and education)
- On-site parking
- A lunch allowance
- A market-compliant, attractive and performance-related annual gross salary from EUR 45,100, with a willingness to pay above this for appropriate experience and qualifications