Cybersecurity Blue Team Leader
What's the role?
The Blue Team Leader is a direct report of the Global Head of Cyber Defense and runs the daily security operations in Hilti's SOC. The Blue Team Leader is very hands-on and at the heart of the Hilti mission control, drives security incident management/resolution and SOC platform engineering, and is also responsible for aligning with the MSSP. The Blue Team Leader produces actionable reports and maintains the dashboards, plans and assigns resources in security operations, and conducts performance reviews of the individual team members. As a strong and experienced people leader, the Blue Team Leader defines the individual education plans for the two SOC subteams reporting to him: the CSIRT squad and the SOC platform engineering squad.
Who is Hilti?
If you’re new to the industry, you might not have heard of us. We provide leading-edge tools, technologies, software, and services for the global construction sector. We have a proud heritage, built over more than 75 years, and a worldwide reputation for pioneering products and exceptional service. With some 30,000 people in more than 125 countries, which we are looking to expand, we’re a great place for you to show us your worth, step up to new challenges and grow your career.
Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti's Global IT team is known for its focus on sustainable value creation by translating the latest IT innovations into value-creating solutions and services. It is also the home of the Chief Cyber Security Officer Organization.
What does the role involve?
You run the daily security operations of the CSIRT squad and the SOC platform engineering squad together with the MSSP. Thus, you are truly the owner of the “run the business” side of things in the SOC.
With your squads, you drive all CERT activities together with the system owners in the IT infrastructure and IT application teams and facilitate vulnerability management activities in IT, OT and IoT.
As an enthusiastic technologist, you own, maintain and improve detection logic applied across all estates of IT, OT and IoT.
You organize and facilitate daily standups and weekly retrospectives, and manage the team backlog.
You are responsible for the resource planning of the squads in the different locations to ensure the overall SOC readiness and the ability to react to a security incident at any time of the day.
As a passionate team builder, you will support the growth of the people and drive the education, training, upskilling and coaching of the individual team members as well as the performance review.
Together with the PO Cyber Defense you drive continuous service and process improvements in the SOC and define requirements for new
What do we offer?
We’ll give you the tools you need to excel in your role. You’ll enjoy a rare combination of autonomy and camaraderie, as you’ll manage your own project while being part of a friendly team. You’ll not just be another pair of hands but a fully integrated team member with lots of self-responsibility.
From there, we’ll trust you to do whatever it takes to deliver outstanding results. Go the extra mile and we’ll reward you with strategic development discussions and career opportunities.
Why should you apply?
We want to mature into a leading SOC organization with highly automated and extremely adaptive capabilities using the latest technologies. We work in classical IT environments but also in IoT and OT environments, where we anticipate a lot of progress and capability building in the future.
What you need is:
For this position, we are seeking a passionate “techie” who is also a highly motivated team builder, an empathetic leader and people motivator at the
You have experience in managing global, virtual teams. You are a good listener and feel comfortable in providing feedback to technical security specialists.
Excellent verbal and written communication skills in English give you the possibility to explain complex topics in simple words to the team and your manager.
You are a self-starter with a demonstrated ability to work both independently in a matrix and as a leader in global and virtual teams.
BSc/MSc degree in cybersecurity, computer science, information systems, engineering or a technical discipline related to information security or computer network defense
3+ years’ proven team lead role with HR responsibility in an operational IT environment
You have a solid background in IT, preferably in the area of cyber security, network or system security.
A technical mindset and a willingness to join the team at the console for education and team-building purposes.
Experience with SIEM, SOAR, EDR, NDR, VuMa technologies
Experience in Agile/LEAN ways of working
Excellent interpersonal skills and a well-balanced, adaptive communication style; ability to explain complex topics in simple terms
Fluent in English (verbal and written)
Good to have:
Working experience in the manufacturing industry
Familiarity with multi-cloud environments
Previous exposure to IoT or OT
Knowledge of security frameworks like NIST CSF and SANS incident response and/or best practices in cyber security
A thirst to learn and challenge yourself
Click through the 'Apply Now' button where you will be asked to upload your CV and answer a couple of short questions – the whole process should take around 90 seconds. If we like what we see, you'll be invited to a telephone interview.
If we don't have a suitable role for you at the moment, we will keep you in our talent pool for the future, so your recruitment process might take a bit longer, but we'll be sure to stay in touch.
Looking forward to hearing from you!