About T-Systems:

With around 28,000 employees worldwide and annual revenues of EUR 4.0 billion (2021), T-Systems is one of the leading providers of digital services. The Deutsche Telekom subsidiary is headquartered in Germany and has a presence in Europe as well as in selected core markets and strategic production locations. T-Systems can provide a global production and supply chain to companies operating worldwide.

T-Systems offers integrated end-to-end IT solutions, driving the digital transformation of companies in all industries and the public sector. Focus industries include automotive, manufacturing, logistics and transportation, as well as healthcare and the public sector. T-Systems develops vertical, company-specific software solutions for these sectors.

Core Responsibilities

• Identification, quantifying and tracking of cyber security incidents
• Triage and management of information security events including, where necessary, participation in security incident management
• Respond to inbound Change Requests (CRs), Service Requests (SRs), Queries for handling Incident Management
• Provide Incident Response (IR) support when analysis confirms actionable incident
• Security administration and auditing of privileged systems access
• Provide threat and vulnerability analysis as well as security advisory services
• Analyze and respond to previously undisclosed software and hardware vulnerabilities
• Investigate, document, and report on information security issues and emerging trends
• Integrate and share information with other analysts from other shift
• Assist L1 SOC analysts to develop and improve their cyber security skills
• Assist Team Leads with reporting, projects, monthly SOC Reports specific to respective projects
• Review SOC Analyst ticket queue, review tickets, closure or reassignment as needed
• Maintaining and tracking all information security related documentation to ensure they remain relevant, appropriate and up to date
• Handle SOC incoming phone calls and triaging phone calls that are not related to monitoring
• Create daily Shift Handoff notes and summary and send to all shifts
• Other duties as assigned by Team Leads and/or Operations Manager
• Will float to cover various work schedules and perform monitoring duties as deemed required
• Filter Threat Intelligence feeds that are relevant to the customers

Required Qualifications / Experience:

• Diploma/Degree/Bachelor in Cybersecurity, IT, or a related field (or equivalent experience)
• 5 years of experience in Cyber Security / SOC support
• Networking such as TCP/IP, switching / routing and Cybersecurity Concepts
• Experience working with SIEM and ticketing systems
• Familiar with security systems including firewalls, intrusion detection systems, anti-virus software, endpoint security and vulnerability management software
• Knowledge of frameworks such as Cyber Kill Chain and Adversary Tactics, Techniques and Procedures

Preferred Qualifications:

• CompTIA Network/Security + Certification
• Certified SOC Analyst Certification
• Others IT security qualifications by recognized organisations
• QRadar/Splunk/Palo Alto/Fortinet SIEM or any other major SIEM Platform or SOAR platform is desirable
• Exposure to working with a MSSP is an advantage