Senior Security Incident Responder
What's the role?
As a Senior Security Incident Responder, you are part of our international Security Operations Centre (SOC) organization headquartered in Kuala Lumpur. You will help us protect our critical assets in IT/IoT/OT by improving detection logic, defining playbooks and resolving security incidents as they materialize. You will work in close collaboration and partnership with our newly established Chief Cyber Security Officer organization, our Global IT Engineering teams, our Digital Software & Services teams, our Legal and Data Protection organization, and external service providers.
Who is Hilti?
If you’re new to the industry, you might not have heard of us. We provide leading-edge tools, technologies, software, and services for the global construction sector. We have a proud heritage, built over more than 75 years, and a worldwide reputation for pioneering products and exceptional service. With some 30,000 people in more than 125 countries, and plans to expand further, we’re a great place for you to show us your worth, step up to new challenges and grow your career.
Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti's Global IT team is known for its focus on sustainable value creation by translating the latest IT innovations into value-creating solutions and services, and it is also the home of the Chief Cyber Security Officer organization.
What does the role involve?
You will manage and lead the response efforts to complex attacks against Hilti globally and seek to consistently mature the security incident response processes that are specific to our growing cloud and on-premise environments. You will support forensic investigations, bring incidents to resolution or escalate them to the appropriate system owners in Global IT, and report the outcomes of incident handling to senior management. You will perform threat hunting, write scripts, and work on orchestration and automation. You will propose new detection logic and design, test and automate playbooks for IT, IoT and OT in our target system landscape (including SIEM, SOAR, EDR).
You will manage all stakeholder interactions in a professional manner with a strong emphasis on user satisfaction. You will also contribute to the overall performance and success of the SOC function. You will collaborate closely with Cyber Security Engineers and other Cyber Security specialists in the team, and with colleagues in IT Operations, to improve the overall security posture of Hilti. You are expected to participate in the organization's on-call duties.
What do we offer?
We’ll give you the tools you need to excel in your role. You’ll enjoy a rare combination of autonomy and camaraderie, as you’ll manage your own projects while being part of a friendly team. You’ll not be just another pair of hands but a fully integrated team member with lots of self-responsibility. From there, we’ll trust you to do whatever it takes to deliver outstanding results. Go the extra mile and we’ll reward you with strategic development discussions and career opportunities.
Why should you apply?
We want to mature into a leading SOC organization with highly automated and highly adaptive capabilities built on the latest technologies. We work in classical IT environments but also in IoT and OT environments, where we anticipate a lot of progress and capability building in the future.
What you need is:
- Must have: Bachelor’s degree in computer science, information systems, engineering or a related technical discipline (information security, cybersecurity or computer network defense); a Master’s degree is preferred
- 5+ years’ experience working in Security Incident Response or related fields
- Proven subject matter expertise in relevant areas, such as threat hunting, intrusion analysis, malware analysis, cyber threat intelligence or security engineering
- Strong analytical and problem-solving skills paired with excellent interpersonal and communication skills
- Knowledge of NIST and SANS incident response frameworks and best practices
- Must have hands-on experience with SIEM, XDR, SOAR, TIP, EDR and NTA platforms
- Fluent in English (verbally and written)
- Two or more of the following certifications: CISSP, GCIH, GCFA, GSEC, EC-Council’s Certified Incident Handler (ECIH), SEI Computer Security Incident Handler (CSIH), Mile2’s Certified Incident Handling Engineer (CIHE)
- Must be very comfortable with scripting languages (Python, JavaScript, PHP)
- Good to have: working experience in the manufacturing industry
- Understanding of how to analyze related data sets
- Familiarity with multi cloud environments
- Experience in conducting penetration testing
- A thirst to learn and challenge yourself
Come join us!