IT Security Incident Expert

External
Edenpeople · Edenred Digital Center, Romania
Full-time · On-site · 4d ago
AWS, Azure, Cloud Security, Incident Response, Information Security, Linux

Requirements

  • 6+ years in SOC, IR, or Detection Engineering roles.
  • Strong experience with SIEM (e.g., Splunk), EDR/XDR (e.g., Defender, TrendMicro, CrowdStrike), SOAR, and Azure technologies.
  • Experience in IT incident management.
  • Knowledge of attacker TTPs (MITRE ATT&CK), Windows/AD/Linux fundamentals, cloud (M365/Azure/AWS), and network security.
  • Certification in information security (or related) such as GIAC, CISSP, Azure Security.
  • Experience with

Additional Information

Take a step forward and let Edenred surprise you.

Every day, we deliver innovative solutions to improve the lives of millions of people, connecting employees, companies, and merchants all around the world. We know there are a hundred ways for you to grow. With us, you will expand your skills in a multicultural, challenging, and dynamic environment. Dare to join Edenred and get ready to thrive in a global company that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities. We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.

ABOUT EDENRED

Edenred is a pioneer, a tech leader and the everyday companion for people at work across more than 44 countries. Our 12,000 employees are committed to making the world of work a better place for all, one that is safer, more efficient and more user-friendly. At Edenred, our passion for customers, respect, imagination, simplicity and entrepreneurial spirit are our values. For anyone who needs to vibe in their professional life, we are the best place for you to work and grow.

The Edenred Digital Center (EDC) in Bucharest, Romania is Edenred Group's new Digital hub for strategic IT projects.

Context/ROLE

As part of the Edenred Global Information Security Team (led by the Edenred Global Chief Information Security Officer), this position will reinforce the existing Security Operations Team, which manages and supervises security incidents and alerts, leads the Security Operations Center, and improves security on our infrastructures.

The Security Operations Team works with IT and business management to ensure proper end-to-end management of security incidents, from detection to resolution and post-incident action plans.

Position SCOPE & Key Responsibilities

The IT Security Incident Expert will report directly to the Computer Emergency Response Team lead within the Incident Response Team.

The IT Security Incident Expert will:

  • Contribute to the development of the Edenred Computer Emergency Response Team based on the Security Operations Team capabilities, the Global Centers of Expertise and the Information Security leaders in the Business Units.
  • Triage, investigate, and resolve security alerts across SIEM, EDR, email security, cloud security, and network telemetry.
  • Act as a Security Incident Manager for priority incidents: drive incident command, comms, runbooks, and cross-team coordination to resolution.
  • Report security incidents in a timely manner, with reports and communication calibrated to the targeted stakeholders (Line Management, C-Level, Data Privacy, Business Line, Business Units, Technology teams, etc.).
  • Work closely with the Edenred Security Operations Center (SOC), application owners, IT infrastructure and operations, business owners and local CISOs to update and create detection use cases.
  • Improve alert logic: build/tune SIEM/SOAR/EDR detections, refine use cases, add context enrichment, and reduce false positives.
  • Design and build security "Playbooks" and procedures for the SOC, Centers of Expertise and BUs to manage security incidents. "Playbooks" refer to a specific procedure to deploy to respond to a specific type of incident, threat or risk.
  • Implement threat intelligence and threat hunting activities.
  • Perform root-cause analysis and lead post-incident reviews with actionable remediation and detection enhancements.
  • Ensure that legal or regulatory requirements are respected (working closely with the Legal department and Data Privacy).
  • Collaborate with Threat Intel, Platform, and IT to close control gaps and strengthen preventive/detective posture.

As part of the Global Security Operations Team and depending on your background, you will also take part in other topics addressed by the Global IT security team.

The Security Operations Expert will interface with many stakeholders in Technology, Business and support functions (e.g. Legal & Data Privacy, Risk Management, Human Resources) and from many countries/regions (Headquarters, EMEA, Americas, APAC). It will give you the opportunity to acquire a good understanding of all Edenred's activities and their evolution. These will be excellent levers to continue your career within Edenred.

Required skills & profile

