(Senior) Information Security Engineer (f/m/d) - Security Operations Center

The GLS Group Security Operations Center is responsible for Security Monitoring, Incident Management, Vulnerability Management and Threat Intelligence.
As a SOC Engineer Tier 3, you will be responsible for designing and implementing automated solutions to improve the efficiency and effectiveness of the SOC. Your expertise will help streamline operations and reduce the time to detect and respond to threats. In your role you will report to the Manager Security Operations Center and support him in the cross-site operational management of information security within the GLS Group.
What can you expect with us?

• Develop and maintain automation scripts and tools for SOC operations
• Integrate various security platforms through APIs to automate workflows
• Enhance the company SOAR solution
• Provide expertise in security tool deployment and optimization
• Collaborate with other SOC members to mitigate threats effectively
• Use threat intelligence and indicators of compromise (IOCs) to identify stealthy attackers. Develop and refine threat detection rules and playbooks
• Collaborate with other teams to ensure seamless automation across security processes
• Conduct regular reviews of automation strategies to identify improvement areas
• Stay updated with the latest cybersecurity threats and incident response techniques
• Conduct advanced threat hunting to identify and mitigate stealthy attackers and potential weaknesses within the infrastructure
• Install and manage advanced security tools, ensuring proper detection and response capabilities
• Serve as a security advisor, offering expertise on the latest cybersecurity trends and best practices
• Participate in developing long-term security strategies

What do you bring to the table?

• Bachelor's degree in Computer Science, Information Technology, or a related field is preferred
• Proven experience in SOC automation and scripting
• Familiarity with programming languages (e.g., Python, PowerShell)
• Knowledge of SOAR platforms and integration techniques
• Experience in cybersecurity incident response
• Strong understanding of network protocols, encryption, and operating systems
• Familiarity with IDS/IPS, SIEM, and endpoint protection tools
• Relevant certifications such as CISSP, CSA, or equivalent are highly desirable
• Analytical mindset with attention to detail
• Strong coding and scripting capabilities
• Innovative thinking with a focus on process improvement
• Ethical and detail-oriented with a keen eye for spotting anomalies
• Curiosity and a passion for learning about systems, security tools, and networking
• Excellent communication skills for documenting and reporting findings
• Excellent analytical and problem-solving skills
• Ability to work independently and make decisions under pressure

We collect and analyze information on general usage behavior. This helps us and you, among other things, to measure the success of our advertising measures or to show you only relevant content.