Security Operations Center Analyst

Salt is currently hiring a Senior SOC Analyst for a client of ours in Germany.

Senior Security Operations Center (SOC) Analyst (f/m/d)

Locations: Berlin, Munich, Wuppertal, Würzburg (hybrid)

Type: Full-time

The Role

We are looking for a Senior SOC Analyst to play a key role in detecting, investigating, and responding to complex security threats across cloud and on-prem environments.

You will lead advanced incident investigations, drive threat hunting and detection engineering, and help mature SOC capabilities through automation, tooling improvements, and close collaboration with IT, DevOps, and engineering teams.

This role reports into senior cyber security leadership and sits within Product Operations and Corporate IT.

Key Responsibilities

• Lead investigation and response to complex security incidents across endpoints, networks, cloud platforms, and applications
• Perform proactive threat hunting using SIEM, EDR, logs, and threat intelligence
• Tune and improve detection capabilities across SIEM, EDR, and monitoring tools
• Design and maintain incident response playbooks and SOAR automation
• Conduct forensic analysis and root cause investigations
• Coordinate remediation with IT, DevOps, and development teams
• Support vulnerability management, penetration testing, audits, and compliance (e.g. ISO 27001)
• Mentor analysts and drive continuous SOC improvement

What You Bring

Required

• Strong experience in SOC operations and complex incident response
• Hands-on expertise with SIEM, EDR, SOAR, and threat intelligence tools
• Experience threat hunting across applications, infrastructure, and cloud environments
• Solid understanding of cloud platforms (Azure, Azure AD, AWS)
• Knowledge of secure SDLC, CI/CD pipelines, and modern infrastructure architectures
• Bachelor’s degree in Cyber Security or equivalent experience
• Fluent English (spoken and written)

Nice to Have

• German language skills
• Experience with Microsoft Sentinel
• Exposure to containerized environments (Docker, Kubernetes)
• Experience in SaaS or cloud-native organizations
• Familiarity with red/purple team exercises and advanced detection engineering
• Interest or experience in AI-related security topics

Why This Role

• Work on advanced security challenges in a modern, cloud-driven environment
• Influence SOC strategy, tooling, and operational maturity
• Collaborate closely with engineering and cloud teams