Cybersecurity Incident Responder

  • Buchs SG, Switzerland
  • 05/01/2024
Full time Data Science Data Analytics Artificial Intelligence Biostatistics Cybersecurity

Job Description

What's the role?

As an enthusiast and passionate Cyber Security Incident Responder, you will be part of our international Security Operations Centre (SOC) organization. You will help us to protect our crown jewels in IT/IoT/OT by improving detection logic and define playbooks every day and resolve security incidents as they materialize. You work jointly with our Global IT Engineering teams, our Digital Software & Services teams and our Legal and Data Protection organization.

Who is Hilti?

We provide leading-edge tools, technologies, software, and services for the global construction sector. Hilti is a multicultural workplace with 127 different nationalities in 60 countries committed to global teamwork.
Global IT within Hilti is a truly global team with main hubs in Buchs (Switzerland), Kuala Lumpur (Malaysia) and Plano/Tulsa (USA). All locations have highly competent teams who work very closely together. Hilti`s Global IT team is known for their focus on sustainable value creation by translating latest IT innovations into value creating solutions & services.

What does the role involve?

Are you cool as a cucumber under pressure? Are you able to make quick decisions? Do you enjoy the investigation process? Are you a DFIR instead of CISSP or CEH, and you don`t have to look any of these acronyms up? Then this role might be right for you. One of your main responsibilities is to manage and lead the efforts of response to complex attacks against Hilti globally. You help to improve the security incident response processes on our growing cloud and on-premises environments. You support investigations and bring them to resolution or escalate to system owners in Global-IT. In addition, you report the outcomes of incident handling to senior management. You write scripts, playbooks, detection logic, and work on orchestration and automation our target system landscape (including SIEM, SOAR, EDR). In a professional manner you manage all stakeholder interactions with a strong emphasis on user satisfaction.

We want to build the most highly automated, and extremely agile SOC in the construction and manufacturing industry.

What do we offer?

You will be working with a team of people striving for excellence, with an open, inclusive, and supportive culture. Leverage your expertise and the autonomy you will get to identify the best technological solution for the customer. See the direct impact of your work.
Come to a place where you will own your development and career journey. Work close to your colleagues at the office in Buchs, Switzerland, near our corporate headquarters in Liechtenstein.
Enjoy the variety of healthy food from the campus restaurants, keep in shape at the in-house gym, or commute with our ebikes free of charge. You will be amazed what the alpine life has to offer.
For the full range of benefits, take a look at

What you need is:

  • Master’s degree in computer science, information systems, engineering or a related to information security, cyber, or computer network defense.
  • 1-3 years’ experience working in Security Incident Response or related fields including threat hunting, malware analysis, cyber threat intelligence or security engineering.
  • Good to have hands-on experience or knowledge and understanding in SIEM/XDR/SOAR/TIP/EDR, NDR platforms.
  • Demonstrated experience in threat hunting activities.
  • Willing to be on-call (standby) as part of business-as-usual operations.
  • Certification: CISSP, GCIH, GSEC, FOR EC-Council’s Certified Incident Handler (ECIH), SEI Computer Security Incident Handler (CSIH) would be an added advantage

Why should you apply?

We thrive to mature into leading SOC organization with highly automated and extremely adaptive capabilities using latest technologies. We work in classical IT environments but also in IoT and OT environments where we anticipate a lot of progress and capability building in the future.
Does this sound like you? We look forward to your application! For further questions, please feel free to contact the hiring manager Sorin Crudu, Security Incident Responder via LinkedIn:
  • For non-EU / EFTA citizens: Please state your eligibility status to work in Switzerland/ Liechtenstein and note that if you do not own a valid Swiss/ Liechtenstein work permit, Hilti cannot guarantee your final employment due to authority regulations.
Learn more about us:
Learn more about life at Hilti Headquarters:

Hilti is an equal opportunity employer