Detection and Response Engineer (m/f/d)
Düsseldorf, Germany
METRO/MAKRO
METRO is a partner of many small and mid-sized independent companies. Their success is our business. The group is headed by METRO AG, which acts as the central management holding company.Company Description
As a leading international food wholesaler, we at METRO are specialized in catering to the needs of hotels, restaurants, caterers (HoReCa), independent merchants (Traders), and more. With approximately 15 million customers worldwide, our unique multichannel mix offers the flexibility of purchasing goods in-store or via our digitally connected Food Service Distribution (FSD) delivery. In addition, we are continuously expanding our international online marketplace, METRO MARKETS, to meet the needs of our professional customers. We furthermore take pride in our commitment to sustainability which is considered in all our actions and being listed in various sustainability indices and rankings for years is proof for our dedication (e. g. MSCI, CDP). With our business operations spanning 32 countries, over 90,000 employees worldwide and generating sales of around €30 billion in the fiscal year 2022/23, we are determined to continue our journey to growth.
At METRO, we have set ourselves ambitious goals with our “sCore” growth strategy which is closely accompanied by our Fundamentals. These shared values provide us with rules of conduct that are binding for everyone at METRO, in all countries and companies. Our commitment to wholesale is at the forefront of our mission, and we are constantly striving to improve. With our ONE METRO spirit, everyone stands together, bringing curiosity, determination, courage, drive, commitment, and trust. Find out more about METRO at careers.metroag.de.
Job Description
...to oversee and drive the development, maintenance, and strategic direction of Detection and Response capabilities within the METRO AG. The role serves as a central role responsible for defining the Security Operations Center (SOC)engineering capabilities, prioritizing features, gathering requirements, and ensuring that SOC align with business objectives and related compliance and information security requirements.
You will be part of a team that is responsible to establish METRO AG wide Detection and Response capabilities to safeguard METRO AG´s assets and to ensure timely detection and response to cyber security threats and incidents.
Your tasks:
- Evaluate and design cyberdefense capabilities and target architecture to ensure they align with the best practices and security standards, as well as fit in overall METRO AG architecture and Cyber Security strategy.
- Collaborate with Security Architecture team and other stakeholders, to develop and maintain the advanced threat detection and mechanisms to protect METRO AG’s assets effectively.
- Oversee the scope, coverage and performance of the METRO AG SOC tools and technologies, including SIEM, SOAR, identities, network and endpoint detection and response capabilities to protect the METRO AG assets.
- Collaborate and provide business and technical expertise to MSSP Engineers to optimize the MSSP service delivery scope, coverage, and quality.
- Develop and implement automation workflows to enhance METRO AG’s SOC efficiency and response times.
- Mentor Detection and Response team and facilitate knowledge sharing to improve the overall expertise of the Detection and Response team.
Qualifications
Educational Background: A degree related to cybersecurity or a relevant field is required.
Experience: A minimum of 3 years of hands-on experience in cyber security and threat detection is essential.
Advanced Threat Detection Expertise: Demonstrated deep knowledge of advanced threat detection mechanisms and the ability to stay up-to-date with evolving threat landscapes. This includes a thorough understanding of emerging threats, attack vectors, and countermeasures.
SOC Tools and Technologies: Proficiency in utilizing Security Operations Center (SOC) tools and technologies, including SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), identities management, network detection, and endpoint detection. Familiarity with SIEM tools such as Splunk, Google SecOps, Azure Sentinel as well as EDR tools like Crowdstrike or Microsoft Defender is essential.
MSSP Collaboration: Familiarity with Managed Security Service Provider (MSSP) standards and practices, including the ability to collaborate effectively with MSSP engineers. This collaboration should involve aligning strategies and ensuring the integration of MSSP services with in-house security operations.
Automation Proficiency: Proven experience in implementing automation workflows within the context of cybersecurity. This includes streamlining and optimizing security processes, enhancing incident response, and leveraging automation for improved threat detection and mitigation.
Additional Information
What we offer:
- You are part of an international and experienced team with a high degree of personal responsibility and independence in a friendly, highly dynamic, and proactive environment
- You will gain insight into the management holding of an international, listed retail group and work operationally on challenging projects
- We actively support you in your professional development and promote your potential through collegial coaching and advice
- We offer you flexible home office solutions, employee discounts in our wholesale stores as well as an attractive compensation package
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Azure Compliance CrowdStrike DART EDR Incident response SecOps Security strategy Sentinel SIEM SOAR SOC Splunk Strategy Threat detection
Perks/benefits: Career development Home office stipend Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.