Component Lead - Security Analysts (m/f/x)
Wiener Neudorf, Austria
REWE International Dienstleistungsgesellschaft m.b.H
On a successful course for over 50 years: REWE International AG supplies customers in Austria and ten other European markets with top quality. See for yourself.
Company Description
As the IT of the REWE Group Austria, we work together with our more than 600 employees to develop innovative IT products and services for all our corporate divisions in Austria and abroad, setting the tone for modern trade.
This Component Lead position will be responsible for the management and administration of the staff, acting as team lead for the Security Analysts of all grades, providing technical oversight, performance monitoring, process implementation and holistic support.
The primary focus of this role is to lead the team as well as participate in investigations, including identification and reporting on cyber threats. You will coordinate resources during incident response efforts, act as primary security incident manager, assist with classifying security events, develop remediation guidance, support documentation and assist with system security compliance.
Job Description
- Provide leadership to Security Operations Center Analysts
- Training and mentoring the security analysts in the Security Operations team in the development of their cybersecurity knowledge, security specialization area and ongoing understanding of the current threat landscape
- Responding to security incidents, providing security recommendations and incident handling as required
- Ensuring security team adherence to internal policies, procedures, playbooks and guidelines
- Maintaining and developing internal processes, security procedures and remediation guidelines within business compliance requirements (e.g. GDPR, ISO27001, NIS 2)
- Identifying opportunities to improve SOC Monitoring and Detection based on current threat landscape, best practices, lessons learned etc.
- Formulate requirements for the technical implementation of use cases for internal SOC teams, with a focus on active collaboration
- Provide advice and guidance on procedural and technical security controls
- Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge
- Troubleshooting and helping to resolve security issues
- Acting as subject matter expert and primary escalation point of contact for security questions from internal teams
- Prepare reports of analysis and results to provide briefings to senior management
- Investigate, document and report on information security issues and emerging trends
- Contribute to the development and implementation of security governance in IT, ensuring application and infrastructure security principles are applied during design and into business as usual processes to reduce risk, drive adoption and adherence to policies, standards and guidelines by the wider business
Qualifications
- 5+ years of experience working in a security operations environment, preferably in a senior security technical role or leading Security Analysts/Manager
- 2-3+ years of team lead/management experience
- Successfully completed studies (computer science, information security, IT security, cybersecurity) or comparable training
- Experience with Security Operations Center, network event analysis and/or threat analysis
- Experience working as an Incident Responder
- Strong knowledge of industry standard SOC tools usage and implementation.
- Strong knowledge of various security methodologies and technical security solutions
- Advanced knowledge of current vulnerabilities and attacks
- Technical expertise in network security including VPN, firewall, web server security and Cloud
- Experience analyzing data from cybersecurity monitoring tools, including proven record in using SIEM, XDR, EDR, NDR, PAM and Threat Intelligence solutions
- Ability to analyze endpoint, network, and application logs
- A track record of delivery working within a fast paced and pressured environment
- Excellent spoken and written communication skills for both technical and non-technical audiences in German and English
- Industry certifications such as: CISSP/CISM, SANS GIAC Certifications, C.E.H/L.P.T, or other relevant certs are considered a plus
- Entrepreneurial mindset and strong analytical and conceptual skills
- A precise, responsible mindset and reliability are among your strengths
- Very good presentation and moderation skills
- Technical knowledge of the products – Splunk, SentinelOne, Proofpoint, CyberArk is an advantage
- Knowledge of frameworks and standards in the SOC environment such as Cyber Kill Chain, MITRE, SOC CMM or similar standards
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Ability to perform independent analysis of complex problems and distill relevant findings and root causes
- Strong problem-solving and troubleshooting skills
Additional Information
- Long-term, interesting and varied work for a reliable employer in a supportive team
- A family-friendly company culture with flexible working hours and remote working options available according to your individual needs
- Numerous training and further development opportunities within the Group (5% of working time for self-organized training and education)
- Staff shopping and travel discounts
- Easy public access and on-site parking
- An attractive annual gross salary, market-compliant and performance-related, starting at EUR 65.000 with the possibility of higher pay based on your qualifications and professional experience
Perks/benefits: Career development Flex hours Team events