A cybersecurity analyst responsible for monitoring, detecting, and responding to security incidents within Celonis' global security team, utilizing various security tools and frameworks to protect the company's digital assets.
Key Responsibilities
Monitor security events and potential security incidents using SIEM and other security tools
Respond to security events and incidents according to company policies and procedures
Participate in pre- and post-incident activities as outlined in the incident response plan
Assist in developing processes and procedures to improve detection and response capabilities
Build and test Security Orchestration, Automation, and Response (SOAR) capabilities
Create and test defense procedures and incident response playbooks
Document incident information in case management systems for historical analysis
Perform initial analysis of alerts from correlation tools and external sources
Participate in shift handovers and on-call rotations to ensure effective incident management
Requirements
The candidate must be part of the Celonis Global Cyber Defense Team (GCDT) and be available to cover the North America East Coast time zone.
The candidate must have experience in monitoring security events and potential security incidents.
The candidate must respond to security events and incidents in accordance with Celonis policies and procedures.
The candidate must participate in all pre and post incident activities as outlined in the Celonis Information Security Incident Response Plan.
The candidate must assist in the development of processes and procedures to improve detection and response capabilities.
The candidate must assist with building out Security Orchestration, Automation, and Response (SOAR) capabilities.
The candidate must create and test Celonis Defense Procedures and Incident Response (IR) Playbooks.
The candidate must create Detection Use Cases.
The candidate must document relevant incident information into the case management system, detailing the critical data for each incident to develop a historical record.
The candidate must monitor the environment, Security Information and Event Management (SIEM), and other internal security tools for compliance violations, anomalous behavior, and potential attacks to respond to possible threats.
The candidate must participate in shift turnover meetings between outgoing and incoming teams globally to pass along critical information and ensure effective transition of open cases.
The candidate must perform initial analysis of all new alerts generated by correlation alerting tools and other external sources feeding into the SIEM system and security monitoring tools.
The candidate must participate in on-call rotation.
The candidate must have familiarity with application security attack frameworks, cloud platform security, container security, database security, email security, endpoint security, incident response frameworks, incident response activities, network security, and social engineering techniques.
The candidate must have fundamental knowledge of Endpoint Detection and Response (EDR) tooling, log analysis, Security Information and Event Management (SIEM) tooling.
Benefits & Perks
Base salary range: $134,000 - $180,000 USD
Total compensation package including bonus, commission, equity, and benefits
Paid time off (PTO)
Hybrid working options
Company equity RSUs
Comprehensive health, dental, and life insurance
401k retirement plan
Extensive parental leave
Dedicated volunteer days
Gym subsidies
Counseling and well-being programs
Clear career paths and internal mobility
Dedicated learning programs and mentorship opportunities
Community and inclusion programs
Ready to Apply?
Join Celonis and make an impact in renewable energy