The Senior SOC Engineer (m/f/d) is responsible for the design, maintenance, and enhancement of Security Operations Center (SOC) infrastructure and processes. They work closely with incident responders, analysts, and threat intelligence teams to optimize detection capabilities, improve SOC workflows, and ensure rapid incident triage and response.
Creating passion: your responsibilities
1. Use Case Development: Design and test new security use cases to enhance the detection and response capabilities of Liebherr’s SIEM system
2. Log Source Onboarding: Onboard and integrate various log sources into the SIEM system, ensuring comprehensive visibility across the organization’s IT environment
3. SOAR Playbook Implementation: Design, implement, and maintain SOAR playbooks to automate incident response processes and improve operational efficiency
4. System Optimization: Continuously evaluate and optimize the performance of the SIEM and SOAR systems to ensure they meet the evolving security needs of the organization. Also optimize costs in regards to Log sources and their retention
5. Threat Detection Engineering: Design and implement advanced detection techniques and perform threat hunting as well as lead tuning exercises and detection gap analysis
6. Collaboration: Work closely with the SOC team and other IT departments to ensure seamless integration of security tools and processes
7. Documentation: Maintain thorough documentation of use cases, log source configurations, and SOAR playbooks for future reference and compliance purposes
Contributing your strengths: your qualifications
8. Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field
9. 6+ years in cybersecurity, ideally as SOC-Engineer
10. Hands-on knowledge of SIEM, and security analytics tools (e.g. Microsoft Sentinel, Microsoft Defender XDR, Elastic SIEM)
11. Familiarity with SOAR platforms and automation processes (especially Microsoft Logic Apps, Microsoft Sentinel Automations)
12. Experience in security log source onboarding & automation of security tasks
13. Proficiency in scripting and programming languages (e.g. Python, PowerShell) for automation tasks
14. English is a Must, German and French are a plus
15. Understanding of cybersecurity frameworks and standards (e.g. ISO27001, NIST, GDPR)
16. Strong analytical, problem-solving skills and communication skills
17. Following certificates are a plus: GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), Cloud certifications (AWS, Azure, or GCP)
Our commitment to you: your benefits
As an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits:
18. Attractive salary and social benefits
19. Flexible and hybrid working
20. Freedom for creative work
21. Safe and secure workplace
22. Individual development and training opportunities
23. Meal voucher
24. Life and accident insurance
25. Private health insurance
26. Christmas and holiday bonus payments
Please only use the online application option.
Please note that we do not accept applications via recruitment agencies for this position.