What's the Role?
As an enthusiastic and passionate Cyber Security Incident Responder, you will be part of our international Security Operations Centre (SOC) organization. You will help us to protect our crown jewels in IT/IoT/OT by improving detection logic and defining playbooks every day and resolving security incidents as they materialize. You work jointly with our Global IT Engineering teams, our Digital Software & Services teams and our Legal and Data Protection organization.
Who is Hilti?
Hilti is where innovation is improving productivity, safety and sustainability in the global construction industry, and beyond. Where strong customer relationships are creating solutions that build a better future. Where there is pride and a sense of belonging across our 120 locations, carrying right into our lives and homes. Where people are exploring possibilities, leveraging their potential, owning their personal development and growing lasting careers.
Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti's Global IT team is known for its focus on sustainable value creation by translating the latest IT innovations into value-creating solutions & services.
What does the role involve?
Are you cool as a cucumber under pressure? Are you able to make quick decisions? Do you enjoy the investigation process? Are you a DFIR instead of CISSP or CEH, and you don't have to look any of these acronyms up? Then this role might be right for you. One of your main responsibilities is to manage and lead the efforts of response to complex attacks against Hilti globally. You help to improve the security incident response processes on our growing cloud and on-premises environments. You support investigations and bring them to resolution or escalate to system owners in Global-IT. In addition, you report the outcomes of incident handling to senior management. You write scripts, playbooks, detection logic, and work on orchestration and automation of our target system landscape (including SIEM, SOAR, EDR). In a professional manner you manage all stakeholder interactions with a strong emphasis on user satisfaction.
We want to build the most highly automated and extremely agile SOC in the construction and manufacturing industry.
What do we offer?
Show us what you’re made of and we’ll offer you opportunities to move around the business – to work abroad, experience different job functions and tackle different markets. It’s a great way to find the right match for your ambitions and achieve the exciting career you’re after.
We have a very thorough people review process, unlike any we know of in any other business. We can pair talent with opportunities - developing our people in their current roles or challenging them to work in new ways or in new places. It’s how we find the right fit, further our teams personally and professionally, get the best value for each employee and increase job satisfaction. Additionally, we offer you a wide range of benefits.
What you need is:
- 3-5 years’ experience working in Security Incident Response or related fields including threat hunting, intrusion analysis, malware analysis, cyber threat intelligence or security engineering
- Knowledge and understanding of MITRE and SANS incident response frameworks and best practices
- Good to have hands-on experience or knowledge and understanding in SIEM/XDR/SOAR/TIP/EDR, NDR platforms
- Demonstrated experience in threat hunting activities.
- Strongly preferred experience in malware analysis.
- Willing to be on-call (standby) as part of business-as-usual operations
- Certification: EC-Council’s Certified Incident Handler (ECIH), Security Ethical Hacker (CEH) would be an added advantage
- Master’s degree in computer science, information systems, engineering or a field related to information security, cyber, or computer network defense
- Certification: CISSP, GCIH, GSEC
- Working experience in the manufacturing industry
- Experience with IoT systems and/or OT systems
- Experience in digital forensics
- Experience in systems engineering
Why should you apply?
Interested in the role?
Click through the 'Apply Now' button where you will be asked to upload your CV and answer a couple of short questions – the whole process should take around 90 seconds. If we like what we see, you'll be invited to a telephone interview.
If we don't have a suitable role for you at the moment, we will keep you in our talent pool for the future so your recruitment process might take a bit longer, but we'll be sure to stay in touch.
Looking forward to hearing from you!