Key Responsibilities of the SecOps Resource

• Tune and investigate incidents as alerted from Sophos Intercept X (as deployed by Artemis).
• During Splunk deployment, focus efforts on triaging Sophos Intercept X alerts.
• Deploy and follow best-practice runbooks for investigation.
• Deliver a 9x5 incident investigation service aligned to German time zone unless otherwise agreed.
• Triage and action quarantine cases, ensuring remediation is completed before releasing devices.
• Monitor, tune, and investigate alerts from the Varonis DSPM platform.
• Support Qualys-based Vulnerability Management services depending on the agreed division of responsibility between Artemis, Tech PS, and this service.

SecOps Analyst Profile

• Two analysts will be assigned.
• Degree-educated or certified (e.g., Security+, BTL1, SC-200, AZ-500) with 3–6 years of security operations experience.
• Backgrounds could include SysAdmin, Security Engineering, or SOC Analyst roles.
• Proficient in:
• Sophos Intercept X alert tuning and investigations
• Varonis DSPM
• Defender for O365
• Splunk for cloud environments
• Fluent in German and English (spoken and written)
• Skilled in incident handling across Windows, AD, and cloud setups
• Able to follow, improve, and document security processes and playbooks
• Comfortable working independently or as part of a wider security team