The Senior SOC Engineer (m / f / d) is responsible for the design, maintenance, and enhancement of Security Operations Center (SOC) infrastructure and processes. They work closely with incident responders, analysts, and threat intelligence teams to optimize detection capabilities, improve SOC workflows, and ensure rapid incident triage and response.
Location: Please note that the working location for this position will be in Madrid city centre, where we are currently setting up a new office. Until the office is fully set up within the next few months, you will have the possibility to work flexibly from home and continue with a hybrid working model. The position is not fully remote, and onsite presence will be required once our office is ready.
Responsibilities:
* Use Case Development: Design and test new security use cases to enhance the detection and response capabilities of Liebherr's SIEM system.
* Log Source Onboarding: Onboard and integrate various log sources into the SIEM system, ensuring comprehensive visibility across the organization's IT environment.
* SOAR Playbook Implementation: Design, implement, and maintain SOAR playbooks to automate incident response processes and improve operational efficiency.
* System Optimization: Continuously evaluate and tune the performance of the SIEM and SOAR systems to meet evolving security needs and to control costs related to log sources and retention.
* Threat Detection Engineering: Design and implement advanced detection techniques, perform threat hunting, lead tuning exercises, and conduct detection gap analysis.
* Collaboration: Work closely with the SOC team and other IT departments to ensure seamless integration of security tools and processes.
* Documentation: Maintain thorough documentation of use cases, log source configurations, and SOAR playbooks for future reference and compliance.
Qualifications:
* Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
* At least 6 years of experience in cybersecurity, ideally as a SOC Engineer.
* Hands-on knowledge of SIEM and security analytics tools (e.g., Microsoft Sentinel, Microsoft Defender XDR, Elastic SIEM).
* Familiarity with SOAR platforms and automation processes (especially Microsoft Logic Apps, Microsoft Sentinel Automations).
* Experience in security log source onboarding and automation of security tasks.
* Proficiency in scripting and programming languages (e.g., Python, PowerShell).
* English is required; German and French are a plus.
* Understanding of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, GDPR).
* Strong analytical, problem-solving, and communication skills.
* Certifications such as GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), or cloud certifications (AWS, Azure, GCP) are a plus.
Benefits:
* Attractive salary and social benefits.
* Flexible and hybrid working arrangements.
* Creative freedom in your work.
* Secure and stable workplace.
* Opportunities for personal development and training.
* Meal vouchers.
* Life and accident insurance.
* Premium private health insurance options.
* Bonus payments for Christmas and holidays based on collective agreements.
Application process: Please apply online only. We do not accept applications via recruitment agencies for this position. If you are interested, we look forward to receiving your application. For questions, contact Ivana Kiesewetter.
One Passion. Many Opportunities.
About Liebherr: Liebherr is a family-run technology company, one of the largest construction machinery manufacturers worldwide, offering high-quality, user-oriented products and services. The Group employs nearly 50,000 people across more than 140 companies globally.
Location: Liebherr IT Service Center Ibrica S.L., Madrid, Spain (ES)
Contact: Ivana Kiesewetter
Required Experience: Senior IC
Key Skills: Laboratory Experience, Vendor Management, Design Controls, C / C++, FDA Regulations, Intellectual Property Law, ISO 13485, Research Experience, SolidWorks, R&D, IoT, Product Development
Employment Type: Full-Time
Experience: Years
Vacancy: 1