Mission of the Role
*This position is based in our SICK office in Bloomington, MN, working in the office four days a week and one day remote.
This position is responsible for protecting the company's network and systems from cyber-attacks and is part of a newly formed global cyber security team which makes up the Security Operations Center (SOC). This position serves as the local subject matter expert and reports to the Senior Manager, Information Technology, with a dotted reporting line to our Global HQ in Germany.
Key Responsibilities
- Analyze and assess a variety of security incidents in our central security platforms that range in complexity (threat hunting).
- Ongoing development and review of scenario incidents and response (i.e. Phishing Attacks, Malicious Attachments and Malware, Suspicious password requests and Unauthorized network access).
- Contribute to the development of a playbook that outlines how to respond to various scenario incidents including working with end-users and vendors.
- Monitor and detect attacks and deviations from normal system behavior.
- Monitor, secure and protect systems from unauthorized access and damaging events.
- Lead the development, implementation, and tuning of monitoring use cases as needed upon emergence of new applications, threats, and policies.
- Generate and analyze reports across multiple tools and platforms looking for patterns of attack.
- Build formal threat and incident response processes, including analysis, triage and escalation of security events, coordination and tracking of response activities, and status reporting in partnership with the global team.
- Development and maintenance of process documentation, procedures, and playbooks.
- Detailed documentation of incidents in a ticket system / SIEM system.
- Close cooperation with Computer Security Incident Response Team (CSIRT) and other security departments.
- Collaborate and contribute to an international team.
- Research and keep abreast of IT trends and cyber-attack methods.
- Serve as a mentor for junior level analysts on the team.
- Carry out other duties and responsibilities as may be assigned or required.
Key Qualifications
Education and Experience:
- Bachelor’s degree in cyber security, business informatics, information technology or comparable qualification or additional equivalent work experience.
- Master's degree, advanced education or relevant certifications in Cyber Security preferred.
- 5+ years' experience in a Security Operations Center or security-based role.
- Expert knowledge of complex IT infrastructures and strong knowledge of firewall, proxy, network, server and client architecture and cloud security.
Other Qualifications:
- Experience in network and cloud security or with SIEM solutions required.
- Global team experience is a plus.
- Strong teamwork and communication skills.
- Comfortable speaking technically with analysts and strategically with senior executives.
- Conceptual skills as well as an analytical, solution-oriented way of working.
- High customer and service orientation.
- Able and willing to work alternative schedules, including weekend and on-call hours, as needed.
- Legally permitted to work in the United States (*This position is not eligible for sponsorship now or in the future)
- Able to work in a general office environment.
- Ability to travel as needed for additional training and internal meetings, which may include international travel.
Compensation
Starting Base Annual Salary Range: $74,550 – $112,750