Cybersecurity Expert

At Uniper, we proactively transform the world of energy while ensuring the security of energy supply. As an internationally operating company, we work in very diverse teams with the greatest possible working time flexibility for our employees. Our corporate culture is characterized by equal opportunities, mutual appreciation, and respect. With us, you will be able to develop new business models, work on technological solutions for a modern, sustainable, and future-oriented energy supply, as well as proactively help shape changes. Interested? We look forward to meeting you

Our team Cyber Security is looking for you

Overview:

The Uniper Cybersecurity Operations Center is continuously enhancing its capabilities to strengthen our cybersecurity readiness and response to evolving threats. To meet our growing maturity and scalability demands, we are expanding our internal team to bolster skills, capacity, and gain fresh external perspectives to refine our incident response and cybersecurity functions.

Role Description:

We are seeking skilled and experienced professionals with proven expertise in cybersecurity. You should be confident in assessing, classifying, and investigating potential threats or incidents. Ideally, you hold certifications such as Incident Handler and have deep knowledge of Microsoft products, Cloud Solutions, Palo Alto, PowerBI, and automation tools. Experience in forensics and using forensic tools is essential, along with strong familiarity with querying and coding languages.

You possess the ability to handle complex situations and communicate confidently with both technical and non-technical audiences. Your work is well-organized, and you consistently produce high-quality documentation, striving for continuous improvement in processes and procedures. Fluency in both English and German is required. If you're someone who thrives in dynamic environments and constantly seeks improvement— we want you on our team

Key Responsibilities:

• Incident Lifecycle Management: Manage and coordinate the full lifecycle of information and cybersecurity incidents, including detection, containment, eradication, and restoration of affected systems. Act as the central communication point, coordinating incident management activities with IT and OT teams, service providers, suppliers, and other relevant stakeholders from start to finish
• Technical Expertise & Threat Identification: Leverage a strong technical background across multiple disciplines (Cloud, infrastructure, architecture, Industry 4.0) with a focus on information security. Identify malware types, infection methods, and objectives, while extracting and defining Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs)
• Threat Analysis & Monitoring: Analyze system logs, including network traffic, payloads, event logs, application logs, and firewall logs to detect and understand security incidents. Contribute to threat hunting activities, pen tests, forensic analysis, and continuous monitoring to enhance security posture
• SOC & Automation Integration: Apply experience in setting up or working within modern Security Operations Centers (NextGen/Fusion/Converged Cyber Defense Ops) with automation, orchestration, and threat intelligence tools. Familiarity with tools like Palo Alto XSOAR/XSIAM, MS Sentinel, and Defender for Cloud is highly valued
• Network & Endpoint Security: Provide expertise in network security and incident handling, with experience in managing firewalls and using advanced security solutions like Microsoft E5 Security (e.g., Palo Alto Cortex, MS Defender XDR)
• Threat Intelligence & Vulnerability Management: Collaborate with teams focused on Threat Intelligence and Vulnerability Management, ensuring proactive identification of threats and tracking remediation efforts. Familiarity with frameworks like Mitre ATT&CK and tools like MISP and Mandiant is preferred
• Documentation & Reporting: Prepare high-quality reports on security incidents, findings, and lessons learned. Generate documentation for processes, procedures, and playbooks, ensuring clear communication of outcomes to both technical and non-technical audiences. Crisis management and communications expertise are considered advantageous
• Emerging Threat Awareness: Stay informed about emerging threats and exploit vectors, sharing insights with leadership and cross-functional teams to inform decision-making and ensure continuous improvement
• Communication & Collaboration: Work closely with cross-functional teams, delivering clear, concise communication on security incidents, vulnerabilities, and mitigation strategies to all levels of the organization

Qualifications:

• Education: Bachelor's or Master's degree in Computer Science, IT Security, Business Informatics, or a related field
• Experience: Minimum of 8 years in IT security with over 3 years of hands-on experience in Cyber Defense Operations Centers (CDC) or Security Operations Centers (SOC). Proven expertise in managing cybersecurity incidents, cyber defense operations, and threat intelligence with a strong technical background
• Technical Expertise: Deep knowledge of cybersecurity threats, attack techniques, and relevant intelligence tools (e.g., MISP, Mandiant). Proficiency in network architectures, cloud security, and IT security frameworks, including experience with Microsoft Azure and Palo Alto solutions. Familiarity with the MITRE ATT&CK framework and advanced incident response methodologies. Strong skills in coding and querying languages such as Python, KQL, XQL, GO, JavaScript, Java, C#/.NET, Rust, Lucene, and RegEx
• Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar. Incident Response certifications such as E|CIH, GCIH, or GEIR are preferred. IT vendor certifications, particularly in Microsoft Azure and Palo Alto, would be advantageous
• Analytical Skills: Strong ability to analyze complex threat data, detect patterns, and develop actionable intelligence. Expertise in working with Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) to enhance security operations
• Human Skills: Experience working within international teams, adept at managing intercultural communications, and promoting effective collaboration despite differing opinions or perspectives
• Other Requirements: Fluency in both spoken and written English and German is a plus

Key Attributes:

• Innovative & Analytical: You challenge the status quo, bringing new ideas and innovative solutions to the table. You are constantly looking for ways to enhance processes, especially in cybersecurity and technical problem-solving
• Team Player: While you thrive in individual tasks, you excel in collaborative environments and work well within cross-functional teams. You proactively offer assistance, contributing to team success even without being asked
• Problem Solver: You are an independent thinker and an excellent listener, capable of delivering effective solutions. You maintain your composure under pressure and solve complex technical challenges with ease, particularly in the context of cybersecurity operations
• Ownership & Accountability: You take full ownership of your work, ensuring accountability in every task. You deliver results that align with the organization's goals and continually improve its cybersecurity defenses
• Strong Communicator: You possess excellent verbal and written communication skills, adept at explaining complex technical issues to both technical and non-technical audiences. You aren't afraid to speak up, ensuring clarity in all communications
• Passionate & Motivated: You bring energy and enthusiasm to your work, balancing hard work with a positive attitude. You inspire and motivate those around you, staying engaged and driven to achieve top-tier results while enjoying your work
• Technical Expertise: Your skills extend to working with cybersecurity frameworks, threat intelligence tools, and coding languages like Python, KQL, and XQL. You leverage this technical knowledge to innovate and solve security challenges

This role demands a high level of expertise, leadership, and communication skills, ensuring that you contribute significantly to cybersecurity efforts while fostering a culture of innovation and accountability.

CRWL1_DE