• Crafting detection rules that enhance threat identification and response capabilities.
• Utilizing frameworks for effective analysis and mitigation strategies.
• Designing and developing solutions for analyzing security incidents, as well as implementing effective response strategies to mitigate threats.
• Applying and understanding Indicators of Compromise (IoCs) and threat intelligence enhancement strategies to bolster threat detection capabilities.
• Acting as a key responder for security incidents detected by the platform.
• Collaborating on assessing new tools and conducting PoCs to recommend effective cybersecurity technologies.
• Optimizing existing security tools for better threat detection.
• Applying best practices for securing both cloud and on-premises systems.

• 5+ years of hands-on experience working with EDR, NDR, SOAR tools and technologies;
• Strong understanding of security frameworks like MITRE ATT&CK and NIST CSF for threat detection and response;
• Relevant certifications such as CISSP, CEH, CompTIA Security+, or cloud certifications (Google Cloud, AWS, Azure) are highly valued;
• Ability to create and optimize detection rules as well as knowledge of threat detection techniques and frameworks;
• Experience with incident analysis and response processes; familiarity with identifying Indicators of Compromise (IoCs);
• Experience in IT infrastructure and IT security as well as in the analysis of log data (Unix Linux derivatives, Windows operating systems, databases);
• Excellent communication skills to convey technical information to non-technical stakeholders;
• Experience with different reporting tools. Provide insights and recommendations based on security analysis and findings;
• Ability to evaluate, test, and implement solutions through Proof of Concepts (PoCs);
• Experience with improving security tools and platforms; knowledge of securing cloud.

In return, we offer:

• Good work-life balance, including 25 days annual paid leave (increasing with 1 day per year up to 31 in total), flexible working hours, work-from-home and work from abroad opportunities;
• Luxury package of additional health and dental insurance;
• Food vouchers in the amount of EUR 80 monthly;
• 6 additional annual days off for exceptional circumstances
• Employee assistance program for psychological, financial and legal consultations;
• Multisport card;
• Annual contribution of EUR 153.39 net per child for a summer camp/school/kindergarten for children up to age of 15;
• Possibilities for building career-advancing skills by covering training/certification courses and conferences based on individual learning and development needs, access to an online learning platform;
• Opportunities for long-term professional development in a stable, 150-year-old company while contributing to the vision of a new, just starting Digital Technology Center;
• Friendly and supportive multicultural environment, open to new opinions and ideas.

Commerzbank is proud to be an equal opportunity employer, committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to gender, race, color, national origin, religion, gender identity or expression, sexual orientation, genetics, disability, age, or any other characteristics.

Learning Platforms; Children Summer Camp Contribution; Employee assistance program; Food vouchers; 6 Exceptional Days Off; 25 up to 31 annual paid leave; Multisport Card; Health& Dental Insurance; Work-life balance; Work internationally

Commerzbank is a leading international commercial bank with branches and offices in almost 50 countries. The world is changing, becoming digital, and so are we. We are leaving the traditional bank behind us and we are choosing to move forward as a digital enterprise.

As part of this strategy, Commerzbank continues the expansion of its Digital Technology Center in Sofia, Bulgaria. We need motivated people who will join us on this journey and we are looking for Senior Security Operations Engineer in our Cyber Defense and Base Services team.

Apply now with your up-to-date CV in English!

Due to the high volume of applications, we contact only the candidates who best match the role requirements. If you do not hear from us within 14 days, please consider that we won't proceed with your application at this stage.