THE ROLE & THE TEAM
The Zalando Cyber Defense Team is looking for a Principal Cybersecurity Engineer to help protect our critical assets against any cyber threat.
Our Principal Cybersecurity Engineer will work very closely with our Manager Cyber Defense, lead our response to major security incidents, take care of upskilling the Cyber Defense Team and making sure we have the right technology and processes in place to keep our security posture on the highest standard. They should be specialists in threat analysis, proactive threat hunting, threat detection and containment and also contribute with their knowledge to the InfoSec community within Zalando.
Most of their time, they will work during core business hours but also regularly on-call outside of business hours and on weekends on the 3rd level.
INCLUSIVE BY DESIGN
At Zalando, our vision is to be inclusive by design. And this vision starts with our hiring - we do not discriminate on the basis of gender identity, sexual orientation, personal expression, ethnicity, religious belief, or disability status. You are welcome to leave out your picture, age, or marital status from your application. We only assess candidates on their qualifications and merit.
We want to provide you with a great candidate experience. Feel free to inform us of any accommodations you may need, so we can best support you throughout the hiring process.
do.BETTER - our diversity & inclusion strategy: https://corporate.zalando.com/en/our-impact/dobetter-our-diversity-and-inclusion-strategy
Our employee resource groups: https://corporate.zalando.com/en/our-impact/our-employee-resource-groups
WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)
As a Principal Cybersecurity Engineer, you will be the right hand of our Manager Cyber Defense and take a central role in our response to major incidents, reaching the 3rd level. You will lead and oversee 3rd level incident response activities, coordinating investigation efforts across all levels and collaborating with SOC, CSIRT, CTI teams, and other on-call staff to ensure swift and informed decision-making;
Engage with platform partners on 3rd party incidents to assess potential impacts and implement mitigation strategies, while maintaining high-level stakeholder communication and serving as the primary point of contact throughout the Incident Response Lifecycle;
Interact directly with senior executives, providing critical information for rapid decision-making, and ensure the quality of forensic incident investigation reports;
Continuously enhance monitoring coverage and design, and execute advanced tabletop exercises to ensure all cyber defense team members and stakeholders understand their roles and can effectively execute their responsibilities during an incident;
Develop and implement workflow automations and leverage Security Orchestration, Automation, and Response (SOAR) tools to increase the efficiency and effectiveness of incident response and overall cybersecurity operations;
Contribute to the overall strategy and development of the cyber defense team, providing mentorship and guidance to team members, and driving initiatives to improve the organization’s cybersecurity posture.
WE’D LOVE TO MEET YOU IF
You have 7+ years of working experience in a Cyber Defense Team, a CSIRT or a SOC;
You have excellent communication skills, verbal and written, and a proven track record for dealing with senior stakeholders;
You excel in proactive security practices, including advanced threat hunting and forensic investigations, enabling you to detect, analyze, and neutralize sophisticated cyber threats effectively;
You bring strong technical skills to help uplift the Cyber Defense Team and work closely with the Manager Cyber Defense and engineering teams;
You have a profound understanding of Amazon Web Services (AWS) and Kubernetes;
You are proficient in managing and securing Google Workspace or Microsoft 365;
You gained in-depth expertise in implementing and operating a variety of Incident management ticketing systems, SIEM platforms, SOAR tools, EDR and DLP solutions and WAFs;
The MITRE ATT&CK framework, the Cyber Kill Chain, and Nist 800-61r2 are very familiar to you;
You have experience with programming/scripting languages to streamline security operations such as Python, GO, PowerShell, Bash.
If you think you have what it takes, we encourage you to apply even if you don't meet every single requirement. You may just be the right candidate for this or other roles!
OUR OFFER
Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.
Employee shares program
40% off fashion and beauty products sold and shipped by Zalando, 30% off Zalando Lounge, discounts from external partners
2 paid volunteering days a year
Hybrid working model with 60% (or more) remote per week, actual practice is up to each team to best support their collaboration
Work from abroad for up to 30 working days a year
27 days of vacation a year to start
Relocation assistance available (subject to prior agreement)
Family services, including counseling and support
Health and wellbeing options (including Gympass)
Mental health support and coaching available
Learn all about Zalando and our values here: https://jobs.zalando.com/en/?gh_src=22377bdd1us