About this job

RUAG International is an international technology group focusing on the aerospace industry and employs more than 6000 employees worldwide. 67 different nationalities work at RUAG to produce innovative solutions to today’s and tomorrow’s challenges. Our business segments Aerostructures and Space are supported by the functions; Human Resources & Communication, Finance, Legal Compliance & Governance, IT & Procurement and Strategy & Corporate Development.

Responsibilities

• Report directly to the SOC Manager
• Perform threat detection (identification of relevant security events)
• Perform threat investigation (analysis/trial of events to identify cyber security incidents)
• Rapidly response to cyber security incidents
• Ensure the tracking, documentation and closure of cyber security incidents
• Post-incident reporting and review of cyber security incidents
• Work closely with IT and our various business units
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
• Pre-design /-define and implement new SOC processes and procedures based on the MITRE ATT&CK framework
• Manage, administer and maintain the security equipment and tools of the SOC

Profile

• At least 2+ years of experience in cyber security
• Experienced with the use of Security Information and Event Management (SIEM)
• Familiar with TCP/IP, computer networking, routing, and switching
• Experienced with IDS/IPS systems, penetration and vulnerability testing
• Experienced with Windows, UNIX and Linux operating systems and their event logging
• Proficient in packet analysis tools as well as anti-virus and anti-malware
• Proficient in Cyber Security Threat Hunting, Incident analysis and IT Forensic tools and device
• Familiar with a common programming language such as Python, Java or PHP is a plus
• Good communication skills
• Ability to handle high pressure situations
• Good analytical skills, problem solving and interpersonal skills
• Fluently in English and German any additional languages are a plus
• Certifications in Hacking, Cyber Security Analysis, Cyber Security Incident Handling and/or IT Forensics are a great advantage