GEA is a multinational engineering company and one of the largest suppliers in the world focused on advanced engineering technology processes for the food, beverage, chemical, pharmaceutical, agricultural, oil, and naval sectors, among many others. In fact, we have more than 18 thousand employees worldwide and as a curious fact, 50% of beer production worldwide is made with our machinery.
Right now we are looking for our future a Security Incident Specialist Expert is the first contact of the CISO when it comes to processing, handling and learning from security incidents in the GEA Group. He develops reporting channels and improves existing ones. He is responsible for planning and resource allocation in the handling of security incidents. He coordinates closely with the CISO as well as the emergency and crisis management teams and is involved in the corresponding planning.
Responsibilities / Tasks
Accountable for the managing all kind of security incidents, their reporting and follow-up
Accountable for the coordination for fault clearance, optimization and success control for all security incidents
Responsible for the coordination of complex IT disturbances and tracking from escalation cases to the solution
Responsible for the targeted and effective identification of root causes and elimination of error sources and security gaps
Coordinates with the responsible IT Service Owner, IT departments, physical security and facility management departments, data protection and HR
Defines the Security Incident Management policies, procedures, and processes, steers and coordinates their technical implementation (e.g. ServiceNow) and aligns those with other incident management processes
Involved in improving emergency and crisis processes, their documentation and corresponding planning
Responsible for the planning and resource availability required for fault clearance implementation and monitors the documentation of the fault clearance progress
Coordinates and steers the external Security Incident analysis and response providers (Security Operation Center)
Coordinates with external security incident response & digital forensics service providers
Defines Key Performance Indicators (KPIs) and monitors those
Point of information for all information on critical faults
Ensures, analyses and improves reporting channels
Prepares and improves the existing key figure analyses and supplements suitable ones for his field of activity
Receives reports of monitoring systems and improves this process
Communicates with authorities (in alignment with CISO)
Works with the sales/communications department on the design and implementation of publications on security incidents to customers
Is the contact for all BISOs, RISOs and LISOs in whose area of responsibility security incidents have occurred or may have occurred
Your Profile / Qualifications
What education, knowledge and experience do you need?
Education
Bachelor's or master's degree in information technology/computer science/Cybersecurity, Business Administration, or a related technical discipline.
Experience
5+ years of experience related to Cyber- or Information Security in the IT production environment
Several years related work experience in IT-Service-Delivery / IT-Operations / IT-Architecture
Very well knowledge of cyber security technologies and methods (threat landscapes, models, standards) as well as in network technologies and network security (routers/switches, firewalls, IDS/IPS, SIM/SIEM, endpoint security)
Experience in Linux and Windows infrastructures (for forensic analysis and countermeasures), network architectures, and application operations and hardening
Experience in system and network design
Experience in O365 and Azure Security
Experience with Authorization and authentication procedures for network, computer and applications
Experience with firewalls
Experience with network protocols such as TCP, UDP, IPSec, SSL and DNS
Experience in multivendor Management and dealing with multiple suppliers
Knowledge
Knowledge about standard methodologies related to networking and system security
Knowing security standards such as ISO, PCI, HIPAA and SOX
Knowledge about monitoring and security software such as IDS and IPS
Knowledge about encryption technology
Skills
Interpersonal skills in communication and collaboration
Strong communication skills, in English, local language is a plus
Strong analytical ability, business acumen, problem solving skills
Capabilities, in financial & budget ownership
Working at GEA Group has significant benefits:
11 Paid Holidays
PTO - Paid Time Off
Medical Plans
Dental Insurance
Vision Insurance
Health Savings and Spending Accounts
Tuition Reimbursement
401k with excellent employer match
Wellness Incentive Program
Employee Assistance Program
GEA Group is committed to fostering an inclusive work environment where all clients and employees feel welcomed, accepted and valued. We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.