Cyber Security Engineer

HBX Group

The Cyber Security Engineer forms part of the team responsible for Security Operations and Incident Response capabilities, within the wider Cyber Security team. The role involves driving the implementation, operation and continuous improvement of the security operations stack, including SIEM, EDR, SOAR, threat detection, and response processes, focusing on protecting HBX corporate environments from cyber threats.

The role collaborates closely with Technology, Corporate IT and Platform teams to ensure end-to-end visibility, detection and response across network, endpoint, identity and cloud environments, aligning with Zero Trust principles. The goal is to build and run a scalable, proactive and intelligence-driven Security Operations capability, while fostering a culture of collaboration, automation and continuous improvement.

Accountability and responsibilities

  • Analytical skills: the ability to quickly analyze incoming security information and identify patterns that may signify potential security incidents is crucial.
  • Communication skills: efficient communication is essential when collaborating with other technology teams or reporting incidents to stakeholders within the organization. A SOC analyst needs clarity of speech when escalating events, and good written communication skills to document incidents as well as suggested remediation steps.
  • Cybersecurity knowledge: familiarity with prevalent cyber threats, such as malware, phishing attacks and DDoS attacks, is crucial. Grasping the concepts of anomaly identification and incident response will enable you to effectively identify and mitigate potential threats.
  • Ethical hacking: the ability to test computer systems for weaknesses without breaking laws or regulations, and to use that knowledge for defensive purposes. This is also known as penetration testing, and extends to vulnerability scanning and forensic activities.

Position requirements

  • 5+ years in a role supervising cybersecurity operations centers.
  • Knowledge of security risk assessments and controls aligned with best-practice frameworks and control standards (e.g. ISO 27001, NIST).
  • Problem-solving: essential for any role in IT; you must resolve issues and problems with management and co-workers daily.
  • Organizational skills: crucial for success in this field; you will work with large amounts of data that you must organize in order to make sense of it.
  • Critical thinking: the ability to think critically about every action you take in your role and how it affects the company.

Technical skills:

  • Strong knowledge of Security Operations concepts (SIEM, SOAR, EDR, NDR, detection engineering, incident response)
  • Hands-on experience with SIEM platforms (preferably CrowdStrike or equivalent)
  • Experience with EDR solutions (e.g. CrowdStrike Falcon) and endpoint telemetry analysis
  • Understanding of SOAR and security automation workflows
  • Knowledge of threat detection frameworks (MITRE ATT&CK) and attacker techniques
  • Experience with Zero Trust security models and secure access technologies (Zscaler, identity integration, CASB)
  • Strong understanding of logging, telemetry pipelines and data correlation across systems
  • Familiarity with network, cloud and identity security concepts
  • Ability to work closely with Network and Platform teams to enhance visibility and controls
  • Understanding of incident handling processes, alert triage, escalation and RCA (Root Cause Analysis)

Experience

  • Experience in Security Operations, SOC or Incident Response roles
  • Previous experience in IT Operations or Cybersecurity environments
  • Proven hands-on experience with SIEM, EDR and incident response in production environments
  • Experience in threat detection engineering or threat hunting
  • Exposure to cloud security, identity security or network security monitoring
  • Experience working in global or distributed environments