Perform build and configuration of a cloud-based infrastructure
Operate and manage a cloud-based infrastructure with security tools a vulnerability scanner and in association with external services like MDR, SIEM, etc.
Operate and manage a technical application which performs infrastructure security vulnerability assessments across various IT/OT systems, including applications, wireless and wired networks, web services, mobile applications, thick clients, Cloud solutions, etc.
Collaborate with various teams across the Nemetschek Group (IT, Development, QA) to help ensure designs and implementations meet specified security standards & needs
Manage and execute risk identification, assessment and quantification, aggregation reporting, and monitoring processes
Respond to you communicated security incidents along defined incident response plans
Enhance current threat and situational intelligence sources leveraging proprietary enterprise data, a variety of external sources, and open-source data
Report and escalate detected threats
Escalate appropriate screening cases to senior management & CIRT
Create meaningful and detailed reports based on security events or activities
Collect evidence and artifacts to meet compliance requirements (ISO, SOC, etc.)
Skills required
You have successfully completed a degree in bachelors degree in information systems or systems Engineering or equivalent experience preferred.
You have at least 4 years of experience in the field of Information systems support, security engineering, or risk and governance, ideally in the software industry.
You enjoy working in complex structures and a dynamic corporate environment.
You are characterized by very good troubleshooting and problem solving skills as well as a systematic and result-oriented way of working
You are a team player and a high level of service orientation is a matter of course for you
CISSP, CISA, GIAC, and other certifications preferred.