Senior Cybersecurity Engineer (all genders)
Berlin, Germany
Zalando
Ilmainen toimitus useimmille tilauksille* ja ilmainen palautus | Suosikkimerkkien vaatteet, kengät & asusteet naisille, miehille ja lapsille Zalandolta | Uusia tuotteita joka päiväTHE ROLE & THE TEAM
Security Incidents have a high potential to cause a severe business impact on the organization. They often involve ambiguity, complexity, and the need for off-playbook approaches and solutions to manage unprecedented problems. Flexibility, fast movement, and the ability to reduce complex situations to individual components to allow action-taking are key during such situations.
The Senior Cybersecurity Engineer coordinates task forces to respond to major Information Security Incidents. They act as a primary point of contact for all parties involved and contain, eradicate, and recover Information Security Incidents.
Most of their time, they will work during core business hours but also regularly on-call outside of business hours and on weekends.
INCLUSIVE BY DESIGN
At Zalando, our vision is to be the leading pan-European ecosystem for fashion and lifestyle e-commerce - one that is inclusive by design. We only assess candidates based on qualifications, merit, and business needs. We welcome applications from people of all gender identities, sexual orientations, personal expressions, racial identities, ethnicities, religious beliefs, and disability statuses. We only want to know why you’re great for this role, so please avoid including your picture, age, and marital status in your CV as well.
We want to provide you with a great candidate experience. Please feel free to inform us of any accommodations you may need, so we can best support and assist you throughout the hiring process.
do.BETTER - our diversity & inclusion strategy: https://jobs.zalando.com/en/our-culture/diversity-and-inclusion
WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)
Drive 2nd and potentially 3rd level incident response activities supported by a task force which you lead through the entire Security Incident Lifecycle;
Coordinate the investigation activities of involved Cybersecurity Engineers from all levels;
Partner with engineering teams and other on-call staff to drive the investigation and response and facilitate swift decision-making;
Interact with platform partners on 3rd party Incidents to evaluate the potential impact on Zalando;
Steer stakeholder communication on the highest level, keeping stakeholders in a close loop and serving as the primary point of contact throughout the entire Incident Response Lifecycle; You interact directly with senior executives, equipping them with critical information required for swift decision-making; You will also own the quality of our forensic incident investigation reports;
When not managing Incidents, you continuously improve our monitoring coverage, and design and execute tabletop exercises to ensure all CSIRT members and Stakeholders understand their roles and can execute their responsibilities during an incident.
WE’D LOVE TO MEET YOU IF
You have over 5 years of experience as a Cybersecurity Engineer within a Cyber Defense Team, CSIRT, or SOC (3rd level), and are adept at handling on-call responsibilities outside of business hours;
You possess excellent verbal and written communication skills, with a proven track record in writing forensic incident investigation reports and effectively engaging with stakeholders;
You are skilled at quickly assessing situations, evaluating the effectiveness of various tactics, and making rapid decisions on appropriate courses of action during incidents;
You have extensive experience in security monitoring, detection, and analysis methodologies and technologies, including network-based intrusion detection systems, extended detection and response solutions (XDR), web application and network firewalls, and SIEM solutions;
You bring demonstrable expertise in safeguarding assets on AWS and managing Kubernetes deployments within the AWS environment and have hands-on experience with AWS native security tools. Additionally, your background includes monitoring Google Workspace or similar environments;
You have a thorough understanding of the MITRE ATT&CK Framework, the Cyber Kill Chain, and NIST, and possess hands-on experience with programming/scripting languages such as Python, Go, PowerShell, and Bash to streamline security operations.
OUR OFFER
Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.
Employee shares program
40% off fashion and beauty products sold and shipped by Zalando, 30% off Lounge by Zalando, discounts from external partners
2 paid volunteering days a year
Hybrid working model with up to 60% remote per week, actual practice is up to each team to best support their collaboration
Work from abroad for up to 30 working days a year
27 days of vacation a year to start for full-time employees
Relocation assistance available (subject to prior agreement)
Family services, including counseling and support
Health and wellbeing options (including Wellhub, formerly Gympass)
Mental health support and coaching available
Drive your development through our training platform and biannual peer-to-peer review
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Bash CSIRT Cyber defense Cyber Kill Chain E-commerce Firewalls Incident response Intrusion detection Kubernetes MITRE ATT&CK Monitoring NIST PowerShell Python Scripting SIEM SOC Strategy XDR
Perks/benefits: Career development Fitness / gym Health care Relocation support Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.