CYBERSECURITY: DETECTION SPECIALIST
The detection specialist within the cybersecurity department is responsible, jointly with the team, for guaranteeing the detection and operation processes through continuous monitoring of the security services, in order to detect security anomalies and events across the whole EMEA Region, and for running security operations activities in coordination with other teams across Holcim.
● Monitor, conclude and improve security deviations on different IT Services (Public Cloud, MBSS, network...).
● Support, coordinate and improve the Endpoint protection service (specifically on alerts & events, footprint monitoring and incident oversight and escalation management).
● Support the deployment of cyber security mechanisms in applications managed by the EMEA Digital Center (EDC) which deviate from the defined standards.
● Follow up on, report and support the remediation of technical vulnerabilities in different IT assets, and help to organize patching activity operations to ensure vulnerability exposure is reduced to the bare minimum.
● Fine-tune the alerts and thresholds defined on the different IT Sec Tools.
● Improve and define SIEM use cases, log management policies and sources follow-up, alerts and thresholds, in order to leverage them within real time event monitoring activities or for future exploitation and usage.
● Ensure DevSecOps defined framework and practices are monitored and followed by the relevant stakeholders and support on fixing the deviations found.
● Support security incident management together with SOC and incident response teams.
● Monitor, conclude, maintain and improve different detection services as part of cyber security regular operations (CTI, threat hunting, leaked credentials, lookalike domains, phishing alerts...).
● Review and support, from a security standpoint, the weekly change advisory board in the change and demand review processes.
● User access management review and decision-making (approve or reject) for critical IT accesses and their related cyber operations.
● Support business divestments and acquisitions from a security standpoint, so that new entities comply with EDC’s standards and risks are minimized in businesses to be sold.
● Maintain and improve the EMEA’s footprint knowledge base, to ensure continuous monitoring and deployment of cyber security controls and mechanisms take place.
● Work closely with the Protect and Response cyber security teams, to ensure standards and configurations in place are well understood, by ensuring the right detection capabilities are in place in case of a significant breach, and by providing all required support to the Response area in case a crisis situation exists.
● University degree in information technology or equivalent.
● Being in possession of at least one cyber security certification from ISACA, ISC2, SANS Institute or equivalent.
● At least 4 years of experience in cybersecurity, ideally on detection processes.
● Candidates with a Cybersecurity Master's or working in a SOC would be at an advantage.
● Must have experience in Cybersecurity solutions (especially relevant: QRadar, SentinelOne, Tenable suite, AWS Security Hub, Cisco Umbrella, Forcepoint).
● Strong technical knowledge of cybersecurity threats and best practices.
● Experience with Risk Identification and Management.
● Knowledge of Vulnerability Management and Maintenance in Security Condition.
● Demonstrated ability to effectively handle multiple priorities and assignments.
● Works effectively with third parties (including offshore and nearshore service providers).
● Assist in prioritizing and executing tasks in a high-pressure environment.
● Excellent written, oral and interpersonal communication skills in English. Spanish, French, Arabic, German and/or other languages used in the countries in which we operate would be an advantage.
● Extensive experience working in a team-oriented and collaborative environment.
● Value inclusion within the day to day responsibilities by respecting others’ perspectives/convictions, engaging others’ opinions, creating a safe environment where people, ideas and opinions are valued within the team/“internal” customers and external partners.
● Respect and take into consideration diversity by valuing different world views, challenges and cultures that represent all walks of life and all backgrounds.
● Is sensitive to how people, cultures and organizations function. Deals comfortably with organizational politics. Steers through the organizational maze to get things done.
● Demonstrates a positive thinking mindset, consistently identifying highlights.
● Shows a can-do attitude in good and bad times and acts as a role model in terms of ethics and self-awareness.