The Operational Security Team is responsible for monitoring, managing and improving the glob-al security profile of Schenker.

This is done via two functional team. The teams are divided generally into Tier 1 and Tier 2 but from a practical perspective, there is significant overlap of responsibilities as Tier 1 analysts transition to Tier 2.

Tier 1 Security Analysts are dedicated to monitoring, alerting, response and prioritization of potential security incidents. Monitoring for Tier 1 includes but is not limited to MS ATP, zScaler, ServiceNow ticket queue, Azure security portal and MS Exchange security portal. It is also expected that Tier 1 security analysts will, as they transition to Tier 2, develop a specific subset of professional security skills which include, but are not limited to Threat Hunting, Vulnerability Management, Forensic Investigations, Incident Handling, Edge Security profile management, Endpoint Threat Analysis and Global security subject matter expert (SME).

As a security professional on this team, you are part of a global distributed team responsible for the monitoring, administration and operation of multiple security monitoring and reporting plat-forms and the components therein that secure the day to day business activities of 60 000+ users worldwide.

Your tasks:

• Performs network security monitoring and incident response for a large organization, coordinates with Tier 1 colleagues and with Tier 2 to record, prioritize and initiate incident tickets.
• Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
• Monitors and analyzes Security Information and Event Management (SIEM) to identify security issues for remediation.
• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
• Communicates alerts regarding intrusions and compromises to their network infrastructure, applications and operating systems. Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
• Recommend changes to Standard Operating Procedures and other similar documentation.

Requirements:

• 3 + years of related experience in information technology and/or information security preferred
• Rooted interest and passion for information security is a plus
• Essential administrative knowledge of Windows and Linux operating systems
• General understanding of these areas is a plus: Active Directory/Entra, Azure/AWS/GCP, network administration
• An understanding of Cyber Security Incident Response and Network Security Monitoring
• Fundamental understanding of computer networking TCP/IP Some knowledge of Windows, Linux and operating systems and information security
• Some knowledge of Intrusion Detection Systems IDS and SIEM technologies; Splunk or ELK, Antivirus, Firewalls, ZScaler, Endpoint Security and Cisco Sourcefire and similar tools preferred.
• Knowledge of creating Security Information Event Management (SIEM) tool rules.
• Good analytical and problem solving skills
• Effective interpersonal skills to interact with team members, management, and SOC stakeholders
• Ability to think outside of the box when the need arises a plus.
• University degree in related technical/business areas or equivalent work experience
• Some experience in working according to professional processes in the area of ITSM and knowledge of the processes of service management (ITIL).
• Some experience in working in international teams a plus.
• Fluent in English language, both written and spoken.
• Relevant Security Certifications would be a plus.
• Strong aptitude for problem-solving and effective troubleshooting abilities.
• Proficient in customer service skills and adept at engaging with clients, staff, and management teams.