Cyber Threat Responder

Knauf stands for opportunity. This exciting role offers you the ideal opportunity to begin and further develop an impressive career within a values-driven culture.

As a global building materials manufacturer with 42,500 employees in 90 countries, we offer diverse opportunities to ambitious talent. We value every contribution and are committed to creating a safe and inclusive work environment with the aim of developing sustainable solutions for a better future.

Knauf Information Services GmbH is proud to be a part of the Knauf Group. With a long-standing tradition, and a growing international presence, we are seeking dedicated individuals to help us achieve our long-term vision.

Can you say ‘yes’?

• Is respectful and appreciative interaction within the team a given for you?
• Do you always put the customer at the center of your actions?
• Do you consider the future and upcoming generations in your actions?
• Do you strive for personal and professional growth?

What you'll do

• Provide end-to-end response to unknown threats identified in our environment and take over response to incidents escalated from less experiences team members.
• Investigate and resolve regular, medium and high-priority incidents, drive containment strategy for breach events.
• Regularly communicate with system owners, IT personnel, and business users as required to ensure effective threat management and resolution.
• As part of containment and eradication, recommend adjustments and policy changes for 1st line of defense security technology configuration such as IDS, proxy, EDR, email gateway, WAF etc.
• Develop and maintain Cyber Security Threat Response Playbooks for known threats and provide feedback and tuning recommendations on Use Cases to Threat Detection Engineers.
• Escalate high-priority threats to the CSIRT cyber crisis team for activation when necessary and actively participate in the resolution of incidents if mobilized.
• Actively guide junior team members, share knowledge and mobilize Cyber Threat Analysts for additional information gathering.

Who you are

• • You have deep knowledge of common threats, attack vectors, and Tactics, Techniques, and Procedures (TTPs), backed by a strong background in cybersecurity incident response.
  • You’re experienced with security operations tools such as SIEM, SOAR, EDR, ASM, and NDR, and skilled in using queries to extract and analyze relevant data.
  • You possess strong analytical and problem-solving skills, allowing you to navigate complex security incidents and mitigate risks effectively.
  • You’re team player, feeling comfortable in global, international and geographically distributed team.
  • You have hands-on experience with digital forensic, network forensic, and malware analysis techniques, enhancing your ability to conduct comprehensive threat assessments.
  • You thrive under pressure, understanding the business impact of cybersecurity incidents and responding swiftly and effectively.
  • You are proficient in analyzing log formats for common security events, determining root causes, and identifying timeline of threat activity.
  • You have programming skills, such as Python, which you can use for scripting and automating tasks related to incident response and security operations.
  • You hold a Bachelor’s degree in cybersecurity or IT with 4-6 years of relevant experience, preferably with certifications like GCIH, GCFA, or similar, demonstrating your expertise in incident response and enterprise-scale management.
   
  

What we offer you

We all shape our lives individually. As an employer, we play a significant role in the daily life of our employees and aim to support them with various offerings. This includes, among other things:

• Security: Permanent employment contract in a stable, successful family-owned company.
• Flexibility: 30 days of vacation, special leave for certain occasions, flexitime account with a broad time window for flexible working and weekly home office days.
• Fitness and health: Discounts on various sports and leisure activities (e.g., fitness studio Iphofen, swimming training, soccer, etc.), as well as opportunities for active health promotion through our company doctor and occupational health and safety offers.
• Daily time savings: Ample parking and direct access to public transport from the company premises (train, bus).
• Future planning: Subsidies for capital-forming benefits and offers for company pension schemes.
• Welcome approach: Individual onboarding days, company and team events, subsidized company canteen and our Barista coffee bar.
• Career and professional development: Individual support and promotion for part-time studies, further education and training.
• Benefits and vouchers: Discounts on well-known brands and reduced-price employee purchases.
• E-Bike leasing: Using tax advantages while promoting your own health.
• Relocation support: Assistance with international relocation

 

Knauf as an employer

Knauf Information Services GmbH, headquartered in Kitzingen, Germany, is a key driver of the KNAUF Group's global growth and digital transformation. A team of 500 highly qualified experts is committed to supporting the Group and its customers worldwide with innovative IT solutions and customized services. The core competencies of Knauf IT cover a wide range of IT services, including the development and implementation of complex software solutions, the optimization of business processes through digital technologies and ensuring IT security and data protection.

The Knauf Group is proud to be an equal opportunity employer. We are committed to a diverse and inclusive work environment, and we make all personnel decisions across all areas of our company based on experience, skills and integrity. We encourage applicants from all walks of life to apply for our positions, regardless of age, gender, gender identity, disability, sexual orientation, origin, religion and so forth.

Share our values and become part of the team to shape the future of Knauf together. 

---