
CyberSOC Incident Response Specialist


Position Snapshot

Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestlé
Full-time position
Grade: H2
3+ years of experience in Incident Response or related areas

 

About IT in Nestlé

 

We are a team of IT professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company in the world. We innovate every day through forward-looking technologies to create opportunities for Nestlé’s digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value.

To complete the Nestlé Cyber SOC, we are currently looking for a Cyber Security Incident Response Specialist.

 

In this position, you will provide situational awareness through the detection, containment, and remediation of cyber threats. As a SOC Specialist you will manage security incidents, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. Together with external SOC services, you will monitor Nestlé assets to identify potential cyber-attacks. Furthermore, you will define and create use cases and scenarios to address new threats and improve the SOC’s security monitoring and alerting capabilities. Working within cross-functional teams, you will create and implement operational processes, identify threats and security gaps, and collaborate with the Security Community of Practice to develop measures to protect company information and provide inputs to other positions/functions to perform lessons learned and continuous improvement.

 

Key responsibilities

 

  • Identify cyber security threats within the Nestlé infrastructure and develop the use cases for their proactive detection.
  • Investigate, escalate and coordinate the remediation of information security incidents in line with industry best practices (SANS, NIST, etc.).
  • Review and assess security and infrastructure logs for indicators of compromise (IOCs) or other anomalous behavior within networks, applications or user profiles.
  • Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
  • Define, develop, maintain and regularly test incident response processes and procedures.
  • Liaise with the Security Product Manager to identify best practices and continuously improve technical standards, processes, procedures and guidelines to enable proper risk mitigation for each business capability.
  • Keep Security Product Group colleagues and key business stakeholders updated / engaged on security related developments.
  • Work with the Product Group teams to maintain and enhance the security levels of the products according to threat-based security strategy for the information and business capabilities in scope.

 

 

Required Profile

  • Bachelor’s or Master’s degree in Computer Science, Information Security or another similar relevant degree (an additional 3 years of experience may be substituted in lieu of a degree).
  • 5+ years of cyber incident response, risk management and/or security experience.
  • In-depth understanding of: threat based IS/IT security, latest security technologies and concepts, threat management, incident and vulnerability handling, technical security testing and maturity assessments, secure software lifecycle development (SecDevOps).
  • Knowledge and previous experience with Microsoft 365 Defender product suite and ICS security solutions will be an advantage.
  • Experience with security information event management solutions (e.g. ArcSight, Splunk), SOAR platforms and major Cloud providers (AWS, Azure, GCP) is desirable.
  • Effective communication skills at different levels of the organization and in English.
  • Ability to present information to a wide variety of internal stakeholders, including senior level leadership.
  • Professional experience working with sensitive or confidential information in a work environment.
  • Experience having worked in a global environment and with virtual teams.
  • Relevant technical and industry certifications are a plus (e.g. CISSP, GCIH, OSCP, CEH).



Show us that you are an enthusiastic, curious, fast learner and team player who is used to working with agile practices. Your ability to be flexible and self-motivated and your willingness to deliver on a deadline will set you apart from the other candidates. Please don’t hesitate and apply in English at www.nestle.com/jobs. We are excited to hear from you!

We are Nestlé, the largest food and beverage company. We are 308,000 employees strong, driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4 billion in sales in 2018, we have an expansive presence with 413 factories in more than 85 countries. We believe our people are our most important asset, so we'll offer you a dynamic, inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more? Visit us at www.nestle.com.


Esplugues Llobregat, B, ES, 08950
