Information Security Analyst (f/m/d) - Security Operations Center

The GLS Group Security Operations Center is responsible for Security Monitoring, Incident Management, Vulnerability Management and Threat Intelligence.
As a SOC analyst Tier 2 you will be responsible for managing and enhancing the organization's security posture. Your expertise will focus on incident response, threat hunting, and providing tactical guidance to strengthen our defenses against cyber threats. In your role you will report to the Manager Security Operations Center and support him in the cross-site operational management of information security within the GLS Group.
What can you expect with us?

• Monitor and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts
• Perform in-depth analysis of log files, systems, and network traffic for signs of compromise or malicious activity
• Escalate confirmed incidents to the appropriate teams and provide guidance on response actions
• Conduct advanced incident response actions including tracking, and remediation
• Perform threat hunting to detect and isolate advanced threats that evade existing security solutions
• Refine and improve alert criteria
• Update and maintain standard operating procedures and protocols to ensure SOC operations remain effective and efficient
• Participate in the development and tuning of SIEM rules and other security tools
• Creation of security reports for management and specialist departments
• Collaboration in risk management in the area of information security

What do you bring to the table?

• Bachelor's degree in Computer Science, Information Technology, or a related field is preferred
• Several years of experience in cybersecurity, with at least 1 year in a SOC environment
• Knowledge of common cybersecurity frameworks and standards
• Experience with SIEM tools, endpoint detection and response (EDR) platforms, and other security tools
• Familiarity with incident response protocols and forensic tools
• Relevant certifications such as GCIH, GCIA, or CISSP are highly desirable
• In-depth understanding of network protocols, operating systems, and secure architectures
• Experience with SIEM tools, endpoint detection and response (EDR) platforms, and other security tools
• Proficient in incident handling and response
• Ability to conduct data analysis and interpret results to identify trends and attack strategies
• Curiosity and a passion for learning about systems, security tools, and networking
• Excellent communication skills for documenting and reporting findings
• Ability to work independently and make decisions under pressure