Cybersecurity Engineer (d/m/f)

Fulltime in Germany or other ALSO Country (HR-6715 und HR-6716)

As a Cybersecurity Engineer you will be responsible for identifying and mitigation of information security issues that may pose short and long term risks to company’s business operations, customers, employees, shareholders, suppliers and partners. You will monitor systems and networks, assess and analyse alarms, detect and  report on security threats and intrusion attempts, either resolving  or escalating them. You will also participate in planning of ALSO Group cybersecurity strategy and related projects, ensuring the security in implementation of IT and business projects. Important part of the work will be around deployment of security controls and policies, providing cybersecurity awareness to employees, collaboration with Group Management and alignment with them on tasks and priorities.

Your Responsibilities:

• Leading the tasks and projects for improving cybersecurity in different IT and business areas
• Developing and deployment of information security controls, policies and procedures
• Monitor for attacks, intrusions, unauthorised and illegal activities; investigate security events and provide incident response
• Research emerging cybersecurity threats and methods to manage them
• Deploy new security systems or upgrade the existing ones
• Develop and deploy the security hardened baselines for IT systems and applications
• Give advice and guidance to staff on secure usage of company IT systems and applications
• Conducting security reviews and audits of existing and newly acquired systems; providing recommendations on improvements to internal controls and cybersecurity
• Coordinate the preparation of company subsidiaries and relevant policies and systems to meet the requirements for information security certifications and regulations, including ISO 27001, ISO 27017, NIS2, GDPR
• Arrange the development and delivery of cybersecurity awareness training for colleagues
• Keep up to date with the latest cybersecurity and information technology developments
• Prepare reports for technical, non-technical personnel and stakeholders

Skills and Competences

• Bachelor's or MBA degree in computer science or related field
• Acquired certifications in Cybersecurity and other IT areas (such as SSCP, CompTIA Security+ , CEH) will be considered as advantage
• Solid cybersecurity, Infrastructure, support or helpdesk background experience
• Good knowledge and experience with various information and cybersecurity technologies such as networks, operating systems, software, hardware, firewalls, cloud computing, endpoint protection, EDR, IDS/IPS, SIEM, etc.
• Experience and knowledge in Microsoft Azure, Entra ID, Windows Server, Active Directory, Office 365, Microsoft Defender, Microsoft Purview are required. Possessing any Microsoft Security certifications, such as AZ-500 or SC 100-400, is preferred
• Understanding of the cybersecurity risks related to various technologies and ways to manage them
• Problem solving and analytical skills to identify and assess threats, risks and patterns
• Teamworking skills 
• Knowledge and experience in deployment of enterprise cybersecurity according to requirements of ISO 27001, ISO 27017, NIST SP800-53, NIST Cybersecurity Framework or SOC2  will be regarded as advantage