Senior Security Operations Center Engineer (m / f / d)
Madrid
EUR 50.000 - 70.000
The Senior SOC Engineer (m / f / d) is responsible for the design, maintenance, and enhancement of Security Operations Center (SOC) infrastructure and processes.
They work closely with incident responders, analysts, and threat intelligence teams to optimize detection capabilities, improve SOC workflows, and ensure rapid incident triage and response.
Location
Please note that the working location for this position will be in Madrid city centre, where we are currently setting up a new office.
Until the office is fully set up within the next few months, you will have the possibility to work flexibly from home and continue with a hybrid working model afterwards.
This position is not fully remote, and onsite presence will be required once our office is ready.
Creating Passion: Your Responsibilities
- Use Case Development: Design and test new security use cases to enhance the detection and response capabilities of Liebherr’s SIEM system.
- Log Source Onboarding: Onboard and integrate various log sources into the SIEM system, ensuring comprehensive visibility across the organization’s IT environment.
- SOAR Playbook Implementation: Design, implement, and maintain SOAR playbooks to automate incident response processes and improve operational efficiency.
- System Optimization: Continuously evaluate and optimize the performance of the SIEM and SOAR systems to meet evolving security needs, including cost optimization related to log sources and retention.
- Threat Detection Engineering: Design and implement advanced detection techniques, perform threat hunting, and lead tuning exercises and gap analysis.
- Collaboration: Work closely with the SOC team and other IT departments to ensure seamless integration of security tools and processes.
- Documentation: Maintain thorough documentation of use cases, log source configurations, and SOAR playbooks for future reference and compliance.
Contributing Your Strengths: Your Qualifications
- Bachelor’s / Master’s in Cybersecurity, Computer Science, or related field.
- 6+ years in cybersecurity, ideally as a SOC Engineer.
- Hands-on knowledge of SIEM and security analytics tools (e.g., Microsoft Sentinel, Microsoft Defender XDR, Elastic SIEM).
- Familiarity with SOAR platforms and automation processes (especially Microsoft Logic Apps, Microsoft Sentinel Automations).
- Experience in security log source onboarding and automation of security tasks.
- Proficiency in scripting and programming languages (e.g., Python, PowerShell) for automation.
- English is required; German and French are a plus.
- Understanding of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, GDPR).
- Strong analytical, problem-solving, and communication skills.
- Certifications such as GIAC Python Coder (GPYC), GIAC Cloud Security Automation (GCSA), GIAC Security Operations Certified (GSOC), and cloud certifications (AWS, Azure, GCP) are advantageous.
Our Commitment to You: Your Benefits
As an internationally successful family business, the Liebherr Group offers you a secure job, a variety of tasks, and exciting development opportunities.
Join our strong team and benefit from:
- Attractive salary and social benefits.
- Flexible and hybrid working arrangements.
- Opportunities for creative work.
- Safe and secure workplace.
- Individual development and training opportunities.
- Life and accident insurance.
- Exclusive private health insurance options.
- Bonus payments for Christmas and holidays, based on collective agreements.
Please only use the online application option.
Note: We do not accept applications via recruitment agencies for this position.