Senior SOC Engineer (m/f/d)
Düsseldorf, United Kingdom
StepStone Group
Our AI-driven job marketplaces, programmatic-powered marketing solutions and customer-centricity find the perfect candidate quickly and equitablyCompany Description
At The Stepstone Group, we help everyone get the job that best fits their life. Whether it is the next step in their career, or a job to pay the bills - we exist to match lifestyles with livelihoods.
We play our part by giving people everything they need to find the right job for them in that moment; making jobs work for more people, whatever they do, and however they choose to do it.
Job Description
As a Senior SOC Engineer you will be responsible for monitoring, analysing and responding to security threats, using tools like SIEM and EDR platforms.
You'll lead the team in incident detection and response efforts, ensuring swift containment and recovery. Your role involves automating security workflows using Python to enhance efficiency and leveraging the MITRE ATT&CK framework to map and analyse threats and create a staged visualization of the relevant attacks that potentially will materialize.
You will play a vital role as we reimagine the labour market to make it work for everybody.
Your responsibilities:
- Analyse security data from diverse sources, including logs, EDR solutions, and network traffic, to identify and assess threats. Coordinate and lead security incident response efforts, including containment, eradication, and recovery.
- Develop and implement automation scripts and playbooks using Python to streamline incident detection, response, and reporting processes.
- Automate security alert triage, enrichment, and remediation workflows to reduce response time and improve efficiency.
- Use the MITRE ATT&CK framework to classify attack vectors, understand adversary behaviour, and enhance detection capabilities.
- Map security incidents and alerts to the MITRE ATT&CK tactics, techniques, and procedures (TTPs) for comprehensive analysis. Manage and configure EDR platforms for real-time endpoint monitoring and protection.
Qualifications
Your skills and qualifications:
- 5+ years of experience in a Security Operations Center (SOC) or similar role with hands-on experience with SIEM tools (e.g., Sentinel, QRadar, ArcSight).
- Proficient in Python for automation and scripting.
- Strong understanding of Incident Response processes and methodologies and experience with MITRE ATT&CK framework to map and analyse threats.
- Knowledge of Endpoint Detection and Response (EDR) platforms (e.g., CrowdStrike, Carbon Black, SentinelOne). Familiarity with threat hunting techniques and processes.
- Certifications such as GSEC, CISSP, OSCP, MaD are preferred.
Additional Information
We believe in giving recognition to our employees, so if you are interested to find out more, please look at the The Stepstone Group career site.
- Your start at The Stepstone Group: We want you to feel comfortable right from the get-go and you can begin networking immediately. That's why we always start with an onboarding event lasting several days, during which you get to know your new colleagues, our products and our culture. After that, the onboarding continues in your department - with several weeks of individual training.
- Your further development: We are growing - and of course we want you to grow with us. We will support you with targeted training that will help you develop both personally and professionally.
- Big player with start-up flair: Even though we've grown quite a bit, we haven't lost our laidback attitude from the early days. In concrete terms, this means that we are on a first-name basis, we have short communication channels, flat hierarchies and super helpful colleagues.
- Social Days: Talk is silver, action is golden - which is exactly why all our employees have 2 Social Days a year. These can be used flexibly for social and sustainable commitment. And the best thing about it: you don't have to take any holidays.
- Holidays: While we're on the subject of holidays ... We offer 30 days of paid leave per year plus one customary day. And we always have Christmas and New Year's Eve off.
- Job-bike: And we also have good news for all cyclists: with our Job-bike offer, we support you in getting to the office quickly and sustainably.
- Mobile Office: This is also possible with us! As a general rule, we offer two days of remote working per week. Feel free to ask directly during the interview to find out what the policy is for your role.
- Even more benefits: Christmas party, summer party, team events, incentives, subsidization on our company pension scheme and great offers at wholesale rates (e.g. for mobile phone contracts, Sixt and hotel bookings with HRS) - our list is long. There's bound to be something for you too!
Our commitment
Equal opportunities are important to us. We believe that diversity and inclusion at The Stepstone Group are critical to our success as a global company, so we want to recruit, develop, and keep the best talent. We encourage applications from everyone, regardless of background, gender identity, sexual orientation, disability status, ethnicity, belief, age, family or parental status, and any other characteristic.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ArcSight Automation Carbon Black CISSP CrowdStrike EDR GSEC Incident response MITRE ATT&CK Monitoring OSCP Python QRadar Scripting Sentinel SIEM SOC TTPs
Perks/benefits: Career development Flex vacation Parental leave Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.