At Evotec’s headquarters in Hamburg, Germany, the Global IT Security team is seeking a highly motivated and dedicated

Senior IT Security Analyst / Vulnerability Manager (all genders)

Full time and permanent

Responsibilities:

• Monitor and analyze security events using a Security Information and Event Management (SIEM) system, with a focus on Sentinel

• Detect incidents and lead or participate in the investigation and response activities with the external SOC provider and the Security Engineering team

• Proactively hunt for threats, identifying emerging risks and vulnerabilities

• Manage vulnerabilities through scans, assessments, and prioritized remediation efforts

• Collaborate closely with the Team Lead, SOC, and the external SOC team to ensure effective incident detection and response

• Assist in the development and maintenance of SOC processes, procedures, and guidelines

• Stay updated on the latest cybersecurity threats, trends, and best practices.

• Participate in continuous learning and development activities to enhance cybersecurity knowledge and skills

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field, or an equivalent qualification

• Professional working experience in cybersecurity roles, with a focus on SOC operations, incident response, vulnerability management, and/or threat hunting

• Strong knowledge of incident detection, response, and resolution processes.

• Expertise in utilizing cybersecurity tools, such as:

  • SIEM: Sentinel (must-have)

  • XDR: Defender (must-have), TrendMicro (nice-to-have)

  • Vulnerability Management: Rapid 7, Nessus

  • Firewalls: Fortinet FortiGate and FortiAnalyzer

  • Penetration Testing Tools: Kali Linux, Metasploit, Burp Suite

  • Network Traffic Monitoring: Wireshark, tcpdump, or Cain & Abel

  • Web Vulnerability Scanning Tools: OWASP ZAP, Nikto, Wapiti

  • Ticketing Solutions: Jira Service Management, ServiceNow Incident Management, Zendesk

  • Investigation Tools: The Sleuth Kit (TSK), Autopsy, Encase

• Proven ability to proactively identify and investigate security threats

• Strong problem-solving skills and the ability to analyze complex security incidents

• Effective coordination with internal and external teams

• Industry certifications such as CISSP, CEH, CISSM, GCIH, GCIA, Microsoft SZ-200, AZ-900, or equivalent are preferred

• Strong teamworker with professional communication skills

• Excellent written and verbal communication skills in English; proficiency in German is strongly preferred, and French would be a plus

Our offer:

• A position within a vigorous and exciting professional environment promoted by an open culture and a spirit of community

• A diverse, international workforce with a dynamic working environment that fosters creativity, innovations and teamwork

• 30 days of annual holiday, flexible working hours, and in-house canteen

• Capital forming benefits, holiday allowance, annual bonus depending on performance, and monthly allowance for public transportation (Deutschlandticket - JobTicket Premium)

FR : Dans le cadre de sa politique Diversité, Evotec étudie, à compétences égales, toutes les candidatures dont celles des personnes en situation de handicap.

ENG : In the frame of our Diversity policy, Evotec considers, with equal competences, all applications including people with disabilities.