Security Analyst

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €31 Billion international wholesaler with operations in more than 30 countries. The store network comprises a total of 623 stores in 21 countries, of which 522 offer out-of-store delivery (OOS), and 94 dedicated depots. In 12 countries, METRO runs only the delivery business by its delivery companies (Food Service Distribution, FSD). 

HoReCa and Traders are core customer groups of METRO. The HoReCa section includes hotels, restaurants, catering companies as well as bars, cafés and canteen operators. The Traders section includes small grocery stores and kiosks. The majority of all customer groups are small and medium-sized enterprises as well as sole traders. METRO helps them manage their business challenges more effectively. 

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide HR, Finance, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

●As a Level 1 Cyber Defense Operations Center (CDOC) Analyst, you will monitor different security solutions with focus on SIEM and SOAR technologies. You’ll be responsible for triaging security incidents, involving L2/L3 incase of high and critical incident. This role requires medium level of technical knowledge about network, email and Operating systems etc , team player quality, and a proactive approach to evolving threats.

Role and Responsibilities 

●Run daily Security monitoring, alert triage, and coordinated incident response to ensure effective real-time threat monitoring.

●Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities.

●Research emerging threats, vulnerabilities, and attack techniques to improve defenses.

●Collaborate across teams to improve the organization’s threat detection and response maturity.

●Maintain detailed incident records, contribute to reporting, and support audit readiness.

●Share knowledge with about new findings, update SOP, promoting best practices and continuous improvement within the SOC.

●Ensure detection and response processes align with regulatory and organizational standards.

●Stay up to date on emerging threats and technologies to continuously evolve SOC capabilities.

●Support comprehensive asset inventory and ownership mapping to ensure full monitoring coverage.

Technical & Soft Skills:

●Good hands-on experience with technologies like SIEM, SOAR, XDR such as Google Chronicle, CrowdStrike, Logscale, Splunk.

●Good working knowledge of endpoint security tools and concepts, including EDR (CrowdStrike, Defender, Cortex), DLP, and MDM.

●Strong knowledge of MITRE ATT&CK, NIST CSF frameworks, and cyber kill chain concepts.

●Good understanding of network security, operating systems, and hybrid cloud environments (Cloud, On-Prem, VDI).

●In-depth knowledge of threat landscapes and technical security concepts.

●Strong grasp of network protocols, OS internals, and security technologies.

●Familiar with compliance standards such as NIST CSF and ISO 27001.

●Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.

●Ability to work under pressure, especially during critical security incidents.

●Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations.

●Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), including policies, standards, processes and procedures

Good communication and interpersonal skills to effectively collaborate with stakeholders, and internal teams

Qualifications & Experience

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., Security+ , CEH ,GCIH) may be preferred.

●2-4 years of total experience in SOC in a large multi-national organization or in a known MSSP.