Expert Security Engineer Sec Ops Location: Lodz, PL, 90-530 At Barry Callebaut, we are on a journey to transform the cocoa and chocolate industry. As the world’s leading manufacturer of high-quality chocolate and cocoa products, our actions truly shape the future of our industry. We are a business-to-business company, serving the entire food sector, from the cocoa bean to the finest chocolate product. We are a company with a purpose, we believe in doing well by doing good and reinvesting in the communities we operate. We have a long-standing commitment to sustainability and our goal is to shape a sustainable cocoa and chocolate future. We are headquartered in Zurich, and have more than 12,000 passionate Employees working in more than 40 countries worldwide. We are very proud of who we are and what we do. And of course, we are always looking for talented people to help us have a positive impact on our industry and beyond! About the role: Barry Callebaut Digital (BC Digital) is on a mission to lead the digital revolution in the chocolate industry, and we're looking for an Expert Security Engineer to join our Security Operations team. SecOps is one of the cornerstones of the Information Security Strategy and Framework and plays a vital role in our digital ecosystem. As an Expert Security Engineer SecOps, you’ll report directly to the Director of Security Operations. Your responsibilities will include overseeing the design, development, and maintenance of the SOC security infrastructure and tools, onboarding new data sources, developing automations, implementing monitoring use-cases, providing ideas for security configuration improvements, supporting security incident response, managing vulnerabilities, integrating and analyzing threat intelligence, and conducting resilience exercises in collaboration with cybersecurity partners and other teams. Working closely with professionals across Digital and Security teams, you’ll leverage cutting-edge tools to enhance our Barry Callebaut’s cyber resilience. If you thrive in a dynamic environment and are passionate about cybersecurity, seize this opportunity to make a tangible impact! Key responsibilities: + Lead initiatives in the SecOps area together with the Director of Security Operations to mature threat and response capabilities, being a strong player and mentor for other team members. + Design, develop and maintain the SOC security infrastructure, collaborate with SOC service providers and technology vendors. + Design, implement and oversee the processes like: SIEM use-case development, onboarding/onboarding data sources to SOC platform (achieving and maintaining target scope of monitoring), configuration enhancements for security detection and prevention solutions, SOC automations for efficient incident detection & response. + Implement and maintain a vulnerability management process. + Support SOC team in responding to major incidents and threat hunting. + Proactively analyze security threats and identify vulnerabilities across the entire IT/OT and cloud landscape, working closely with the 24/7 SOC to implement effective mitigation strategies. + Collaborate with cross-functional teams to enforce security controls and ensure adherence to best practices. + Conduct in-depth root cause analyses, extract key learnings, and drive remediation efforts to prevent recurrence of incident. + Optimize and maintain security tools including SIEM, Endpoint Detection and Response (XDR/EDR), vulnerability management, Cloud security posture management etc. + Spearhead regular threat and vulnerability assessments, as well as red and purple team exercises to enhance security posture. + Provide essential SOC security engineering support, including deployment and maintenance of SOC technology stack, incident response planning and execution, post-incident analysis. + Identify process and system improvement opportunities, gathering requirements to enhance IT security practices. + Support the implementation of robust security policies and systems to safeguard the IT environment About you: + Degree in IT/technology/telecommunication/data or infrastructure security a comparable field + CISSP, CISM, CISA, GIAC, or other relevant security-related certifications are appreciated, but not required + Proficient in English. + Advanced knowledge of infrastructure security, layered security approaches incl. network security measures, endpoint security, and cloud security with a minimum of 12 years of relevant working experience + Experience in providing SOC engineering / security integration services at least for 2 organisations. + Experience in implementing, maintaining and improving the configurations for the following types of technologies: + SIEM (eg. Microsoft Sentinel), + XDR (eg. Microsoft XDR), + SOAR, + Vulnerability Management. + Knowledge about SOC toolset maintenance processes. + Good knowledge of vulnerabilities testing, incident management, or business continuity management is a plus + Scripting or programming experience (Python, PowerShell) is beneficial. + Knowledge of security orchestration, automation and response (SOAR) to optimize the day-to-day activities. + Independent and self-driven personality, taking responsibility and owning tasks. + Strong analytical and problem-solving skills. + Ability to interpret business requirements and draw insights. + Excellent written and verbal communication skills, ability to present to diverse audiences. + Experience in working in the international environment and multi IT/security vendors environment. We offer: + Employment on a regular basis in the sweetest company in the world. + Annual bonus based on your work results. + Lunch card to be used for groceries and restaurants. + Private medical care in Lux Med (basic package fully financed by BC). + Fit Profit sports card co-financed by BC. + PPE: we care about your future, and we save money for your retirement. + Cafeteria Program as a part of Social Fund. + Group life insurance. + Hybrid working model: min. 8 days in the office a month. + As part of our work-life balance culture, we can start work between 7 am and 10 am. + Free consultation with a lawyer once a quarter. + Chocolate! Yes, surprising but we have chocolate in the office, for Christmas, BC’s Birthday, and many other occasions during the year. + And if chocolate is still not enough, you can join one of our theme clubs, where together with other employees we develop our passions and interests. + Daily delivery of fresh fruits and veggies to the office. + You can purchase our sweet products with a special discount. + Relax zone in the office and plenty of options to choose from: PlayStation 5, football table, pool table, Ping-Pong, library, table games, and massage chairs. + Sport @work? Sure! We have treadmills and indoor exercise bikes with a laptop station. + We like to party as much as we like chocolate! We have integration budgets we can use for team events. + Forever Chocolate and Event Team: you can join them and have a real influence on social life in BC and CSR activities At Barry Callebaut, we are committed to Diversity & Inclusion. United by our strong values, we thrive on the diversity of who we are, where we come from, what we’ve experienced and how we think. We are committed to nurturing an inclusive environment where people can truly be themselves, grow to their full potential and feel they belong. #oneBC - Diverse People, Sustainable Growth. If you want to learn more about Barry Callebaut, please find further information here. Were you missing anything in this job ad? Please share your feedback with us by clickinghere (https://app.talenthub.io/feedback/ad81b0fb66d2416990060452e7511e45?default\_lang=en) .