Cyber Security Incident Responder

What's the Role?

As an enthusiastic and passionate Cyber Security Incident Responder, you will be part of our international Security Operations Centre (SOC) organization. You will help us protect our crown jewels in IT/IoT/OT by improving detection logic and defining playbooks every day, and by resolving security incidents as they materialize. You work jointly with our Global IT Engineering teams, our Digital Software & Services teams and our Legal and Data Protection organization.

Who is Hilti?

Hilti is where innovation is improving productivity, safety and sustainability in the global construction industry, and beyond. Where strong customer relationships are creating solutions that build a better future. Where there is pride and a sense of belonging across our 120 locations, carrying right into our lives and homes. Where people are exploring possibilities, leveraging their potential, owning their personal development and growing lasting careers.

Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti's Global IT team is known for its focus on sustainable value creation by translating the latest IT innovations into value-creating solutions & services.

What does the role involve?

Are you cool as a cucumber under pressure? Are you able to make quick decisions? Do you enjoy the investigation process? Are you a DFIR instead of CISSP or CEH, and you don't have to look any of these acronyms up? Then this role might be right for you. One of your main responsibilities is to manage and lead the response efforts to complex attacks against Hilti globally. You help to improve the security incident response processes in our growing cloud and on-premises environments. You support investigations and bring them to resolution or escalate to system owners in Global-IT. In addition, you report the outcomes of incident handling to senior management. You write scripts, playbooks and detection logic, and work on orchestration and automation of our target system landscape (including SIEM, SOAR, EDR). You manage all stakeholder interactions in a professional manner, with a strong emphasis on user satisfaction.

We want to build the most highly automated and extremely agile SOC in the construction and manufacturing industry.

What do we offer?

Show us what you’re made of and we’ll offer you opportunities to move around the business – to work abroad, experience different job functions and tackle different markets. It’s a great way to find the right match for your ambitions and achieve the exciting career you’re after.
We have a very thorough people review process, unlike any we know of in any other business. We can pair talent with opportunities - developing our people in their current roles or challenging them to work in new ways or in new places. It’s how we find the right fit, further our teams personally and professionally, get the best value for each employee and increase job satisfaction. Additionally, we offer you a wide range of benefits.

What you need is:

Must have:
  • 3-5 years’ experience working in Security Incident Response or related fields including threat hunting, intrusion analysis, malware analysis, cyber threat intelligence or security engineering
  • Knowledge and understanding of MITRE and SANS incident response frameworks and best practices
  • Good to have hands-on experience with, or knowledge and understanding of, SIEM/XDR/SOAR/TIP/EDR and NDR platforms
  • Demonstrated experience in threat hunting activities.
  • Strongly preferred experience in malware analysis.
  • Willing to be on-call (standby) as part of business-as-usual operations
  • Certification: EC-Council’s Certified Incident Handler (ECIH), Security Ethical Hacker (CEH) would be an added advantage
Good to have:
  • Master’s degree in computer science, information systems, engineering or a field related to information security, cyber, or computer network defense
  • Certification: CISSP, GCIH, GSEC
  • Working experience in the manufacturing industry
  • Experience with IoT systems and/or OT systems
  • Experience in digital forensics
  • Experience in systems engineering

Why should you apply?

We strive to mature into a leading SOC organization with highly automated and extremely adaptive capabilities using the latest technologies. We work in classical IT environments but also in IoT and OT environments, where we anticipate a lot of progress and capability building in the future.

Interested in the role?
Click the 'Apply Now' button, where you will be asked to upload your CV and answer a couple of short questions. The whole process should take around 90 seconds. If we like what we see, you'll be invited to a telephone interview.
If we don't have a suitable role for you at the moment, we will keep you in our talent pool for the future so your recruitment process might take a bit longer, but we'll be sure to stay in touch.

Looking forward to hearing from you!


Work on projects that transform our business and shape the industry’s future.  
