Key Tasks & Responsibilities:
Lead and manage cybersecurity incidents end‑to‑end, from identification through containment, eradication, recovery, and post‑incident closure.
Assess incidents to determine root cause, scope, severity, and business impact; define response objectives and priorities accordingly.
Form and lead cross‑functional incident response teams, coordinating across SOC, IT operations, Cloud, Network, Threat Intelligence, and external partners.
Coordinate containment, eradication, and recovery activities, ensuring response objectives are met within defined SLAs.
Manage incident response resources, track progress, and ensure timely execution of response actions.
Govern SOC incident response processes, playbooks, metrics, and overall effectiveness.
Ensure timely escalation of significant and critical incidents to senior leadership and relevant stakeholders.
Manage internal and external communications, delivering regular incident status updates, executive briefings, dashboards, and crisis communications.
Drive post‑incident Root Cause Analysis (RCA), problem management, and lessons‑learned sessions to prevent recurrence.
Identify, track, and follow up on corrective and preventive actions; ensure proper documentation of all incident actions, decisions, and evidence.
Monitor detection and response effectiveness and drive continuous improvement through enhanced processes, automation, detection content, and operational workflows.
Contribute to SOC maturity by continuously improving incident response governance, tooling, and operational capabilities.
Key Skills:
Hands-on experience managing major cybersecurity incidents in large-scale enterprise environments.
Strong expertise with Microsoft security ecosystem:
Microsoft Sentinel (SIEM)
Microsoft Defender for Endpoint (MDE)
Microsoft Defender for Identity (MDI)
Microsoft Defender for Office 365 (MDO)
Microsoft Defender for Cloud (MDC)
Ability to apply industry frameworks such as the NIST IR Lifecycle, MITRE ATT&CK, and the Cyber Kill Chain to guide incident handling.
Deep understanding of SIEM, IDS/IPS, endpoint security, cloud security, and networking protocols.
Strong knowledge of OWASP, the Cyber Kill Chain, MITRE ATT&CK, and the NIST Incident Response Lifecycle.
Excellent communication, stakeholder management, and crisis leadership skills.
Ability to translate technical risks into business-impact narratives for executives.
Experience in escalation management and cross-functional coordination.
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
10–12 years of overall cybersecurity experience with a strong focus on incident management.
CISSP | CISM | SANS SOC Manager | GCIH | GCIA
EC-Council Certified SOC Analyst
Microsoft Certified: Security, Compliance, and Identity Fundamentals