Senior Security Analyst

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €31 Billion international wholesaler with operations in more than 30 countries. The store network comprises a total of 623 stores in 21 countries, of which 522 offer out-of-store delivery (OOS), and 94 dedicated depots. In 12 countries, METRO runs only the delivery business by its delivery companies (Food Service Distribution, FSD). 

HoReCa and Traders are core customer groups of METRO. The HoReCa section includes hotels, restaurants, catering companies as well as bars, cafés and canteen operators. The Traders section includes small grocery stores and kiosks. The majority of all customer groups are small and medium-sized enterprises as well as sole traders. METRO helps them manage their business challenges more effectively. 

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide HR, Finance, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow's standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

●As a Level 2 Cyber Defense Operations Center (CDOC) Senior Analyst, you will work in advanced security operations with a focus on SIEM and SOAR technologies, driving detection and response. You'll be responsible for helping L3 in optimizing detection rules and managing high-severity incidents from triage to resolution.

● Your primary responsibility will be helping Level 1 analyst in analysis of incidents and assisting Level 3 on day-to-day operation.

● This role requires medium level technical expertise, team player quality, and a proactive approach to evolving threats.

Qualifications & Experience

●Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., SANS/GIAC, ECIH, GCIH, CEH, DFIR) may be preferred.

●4-7 years of total experience in SOC in a large multi-national organization or in a known MSSP. In addition, candidate should possess at least 2 years of working experience on SOAR solutions.

Responsibilities

●Run daily SOC operations including SIEM/SOAR tuning, alert triage, and coordinated incident response to ensure effective real-time threat monitoring.

●Handlle end-to-end security incident analysis, containment, mitigation, and reporting, leveraging SIEM/SOAR insights and cross-team coordination for swift resolution.

●Work on high priority incidents or escalated incidents from L1

●Assist L3 in any adhoc investigation, fine-tuning security solution.

●Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities.

●Research emerging threats, vulnerabilities, and attack techniques to improve defenses.

●Document incident response activities and produce detailed reports for stakeholders.

●Conduct post-incident reviews to drive improvements in tools, processes, and readiness.

●Maintain detailed incident records, contribute to reporting, and support audit readiness.

●Guide and train junior analysts, promoting best practices and continuous improvement within the SOC.

●Stay up to date on emerging threats and technologies to continuously evolve SOC capabilities.

●Support comprehensive asset inventory and ownership mapping to ensure full monitoring coverage.

Technical & Soft Skills:

●Deep hands-on experience with technologies like SIEM, SOAR, XDR such as Google Chronicle, Crowdstrike Logscale, Splunk.

●Strong working knowledge of endpoint security tools and concepts, including EDR (CrowdStrike, Defender, Cortex), DLP, and MDM.

●Strong knowledge of MITRE ATT&CK, NIST CSF frameworks, and cyber kill chain concepts.

●Good understanding of network security, operating systems, and hybrid cloud environments (Cloud, On-Prem, VDI).

●In-depth knowledge of threat landscapes and technical security concepts.

●Strong grasp of network protocols, OS internals, and security technologies.

●Familiar with compliance standards such as NIST CSF and ISO 27001.

●Ability to work under pressure, especially during critical security incidents.

●Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations.

●Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), including policies, standards, processes and procedures

●Very high attention to detail, with strong skills in managing/presenting data and information.

●Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills.

●Good communication and interpersonal skills to effectively collaborate with stakeholders, and internal teams.