CYBER SECURITY INCIDENT RESPONDER (m/f/x)
What's the role?
As an experienced Cyber Security Incident Responder, you are part of our international Security Operations Centre (SOC) organization. You will help us protect our crown jewels in IT/IoT/OT by improving detection logic and defining playbooks every day, and by resolving security incidents as they materialize. You will work in close collaboration and partnership with our newly established Chief Cyber Security Officer organisation in Switzerland, our Global IT Engineering teams, our Digital Software & Services teams, our Legal and Data Protection organization, and external service providers.
Who is Hilti?
We provide leading-edge tools, technologies, software, and services for the global construction sector. Hilti is a multicultural workplace with some 30,000 people in more than 120 countries committed to global teamwork.
The IT department within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia), and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti’s Global IT team is known for its focus on sustainable value creation by translating the latest IT innovations into value-creating solutions & services.
What does the role involve?
You will manage and lead the response efforts to complex attacks against Hilti globally and seek to consistently mature the security incident response processes that are specific to our growing cloud and on-premise environments. You will support forensic investigations, bring them to resolution or escalate them to the appropriate system owners in Global IT, and report the outcomes of incident handling to senior management. You will perform threat hunting, write scripts, and also work on orchestration and automation. You will propose new detection logic and design, test and automate playbooks for IT, IoT and OT in our target system landscape (including SIEM, SOAR, EDR).
You will manage all stakeholder interactions in a professional manner with a strong emphasis on user satisfaction. You will also contribute to the overall performance and success of the SOC function. You will closely collaborate with Cyber Security Engineers and other Cyber Security specialists in the team and with colleagues in IT Operations to improve the overall security posture of Hilti.
What do we offer?
We give you the autonomy to identify the right technology solutions for our customers. We also encourage you to grow, not only in this role, but also beyond - you will be able to move around the business, to experience various job functions and even work abroad in different markets. Our IT department is located in Buchs SG, Switzerland, in the beautiful and mountainous Rhine Valley. It is within convenient walking distance of the city center and train station as well as in close proximity to our corporate headquarters in Schaan, Liechtenstein.
As an integral part of our performance-oriented yet caring culture, we want you to work your best. Offers such as flexible working/part-time arrangements, comprehensive insurance and pension plans, and day care for your children are just some of the ways we do that. Additionally, Hilti e-bikes are readily available for you to use free of charge!
Why should you apply?
We want to mature into a leading SOC organization with highly automated and extremely adaptive capabilities using the latest technologies. We work in classical IT environments but also in IoT and OT environments where we anticipate a lot of progress and capability building in the future.
What you need is:
- Must Have
- Master’s degree in computer science, information systems, engineering or a related technical discipline related to information security, cyber, or computer network defense
- 5+ years’ experience working in Security Incident Response or related fields
- Proven subject matter expertise in relevant areas, such as threat hunting, intrusion analysis, malware analysis, cyber threat intelligence or security engineering
- Strong analytical and problem-solving skills paired with excellent interpersonal and communication skills
- Knowledge of MITRE and SANS incident response frameworks and best practices
- Must have hands-on experience in SIEM/XDR/SOAR/TIP/EDR, NTA platforms
- Fluent in English (verbally and written)
- Two or more of the following: CISSP, GCIH, GSEC, FOR EC-Council’s Certified Incident Handler (ECIH), SEI Computer Security Incident Handler (CSIH)
- Good to have
- Working experience in the manufacturing industry
- Understanding of analyzing related data sets
- Familiarity with multi-cloud environments
- Experience in conducting penetration testing
- A thirst to learn and challenge yourself
We look forward to receiving your application
Hilti is an equal opportunity employer.