Volvo Group
Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future. If you seek to make a difference on a global scale, working with next‑gen technologies and the sharpest collaborative teams, then we could be a perfect match.
What You Will Do
As a Cybersecurity Analyst Senior within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in‑depth investigations, and supporting the overall security posture of The Volvo Group. This role combines hands‑on technical expertise with leadership and mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities. Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS) Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements Provide incident reports with detailed root‑cause analyses and actionable recommendations Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge‑sharing Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls In this role, you will be responsible for analyzing data, carrying out alert and incident response processes, conducting in‑depth analysis of network and endpoint data, and incorporating threat intelligence to enhance detection and mitigation strategies. You will support a team that works the following hours within the Security Operations Center. Who are you?
Bachelor’s degree in Computer Science or a related 4‑year technical degree Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks; experience in SOC, SIRT, or CSIRT capacities One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs) Subject‑matter expert in cybersecurity principles, threat lifecycle management, and incident management Comprehensive knowledge of various operating systems (Windows, macOS, Linux), network protocols, and application layer protocols Demonstrable experience in scripting languages (e.g., PowerShell, Python, PERL) Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls Working knowledge in modern cryptographic algorithms and systems Experience working with and tuning signatures, rules, and security technologies (IDS/IPS, SIEM, sandboxing tools, EDR, email security platforms, user behavior analytics) Network design knowledge including security architecture Strong analytical and technical skills in network defense operations, including experience with incident handling (detection, analysis, triage) Conceptual understanding of cyber threat hunting Prior experience and ability to analyze cybersecurity events to determine true positives and false positives, including alert triage, incident investigation, and countermeasure implementation Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting Ability to develop rules, filters, views, signatures, and countermeasures for cyber defense platforms, and support analysis and detection continual improvement Knowledge of emerging cybersecurity technologies Ability to create technical documents and stakeholder reports Preferred Qualifications
Deep cybersecurity operations center experience in intelligence‑driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles Process management experience in CSOC, including procedure management, initiative management, and continual operational improvement Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical teams Demonstrated knowledge in cyber defense policies, procedures, and regulations Knowledge of cyber vulnerability management processes Knowledge of common user and system authentication and authorization mechanisms Ready for the next move?
Are you excited to bring your skills and disruptive ideas to the table? We can’t wait to hear from you. Apply today! We value your data privacy and therefore do not accept applications via mail. Who We Are And What We Believe In
We are committed to shaping the future landscape of efficient, safe, and sustainable transport solutions. Fulfilling our mission creates countless career opportunities for talents across the group’s leading brands and entities. Every day, you will be working with some of the sharpest and most creative brains in our field to leave our society in better shape for the next generation. We are passionate about what we do, and we thrive on teamwork.
#J-18808-Ljbffr
As a Cybersecurity Analyst Senior within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in‑depth investigations, and supporting the overall security posture of The Volvo Group. This role combines hands‑on technical expertise with leadership and mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities. Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS) Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements Provide incident reports with detailed root‑cause analyses and actionable recommendations Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge‑sharing Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls In this role, you will be responsible for analyzing data, carrying out alert and incident response processes, conducting in‑depth analysis of network and endpoint data, and incorporating threat intelligence to enhance detection and mitigation strategies. You will support a team that works the following hours within the Security Operations Center. Who are you?
Bachelor’s degree in Computer Science or a related 4‑year technical degree Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks; experience in SOC, SIRT, or CSIRT capacities One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs) Subject‑matter expert in cybersecurity principles, threat lifecycle management, and incident management Comprehensive knowledge of various operating systems (Windows, macOS, Linux), network protocols, and application layer protocols Demonstrable experience in scripting languages (e.g., PowerShell, Python, PERL) Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls Working knowledge in modern cryptographic algorithms and systems Experience working with and tuning signatures, rules, and security technologies (IDS/IPS, SIEM, sandboxing tools, EDR, email security platforms, user behavior analytics) Network design knowledge including security architecture Strong analytical and technical skills in network defense operations, including experience with incident handling (detection, analysis, triage) Conceptual understanding of cyber threat hunting Prior experience and ability to analyze cybersecurity events to determine true positives and false positives, including alert triage, incident investigation, and countermeasure implementation Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting Ability to develop rules, filters, views, signatures, and countermeasures for cyber defense platforms, and support analysis and detection continual improvement Knowledge of emerging cybersecurity technologies Ability to create technical documents and stakeholder reports Preferred Qualifications
Deep cybersecurity operations center experience in intelligence‑driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles Process management experience in CSOC, including procedure management, initiative management, and continual operational improvement Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical teams Demonstrated knowledge in cyber defense policies, procedures, and regulations Knowledge of cyber vulnerability management processes Knowledge of common user and system authentication and authorization mechanisms Ready for the next move?
Are you excited to bring your skills and disruptive ideas to the table? We can’t wait to hear from you. Apply today! We value your data privacy and therefore do not accept applications via mail. Who We Are And What We Believe In
We are committed to shaping the future landscape of efficient, safe, and sustainable transport solutions. Fulfilling our mission creates countless career opportunities for talents across the group’s leading brands and entities. Every day, you will be working with some of the sharpest and most creative brains in our field to leave our society in better shape for the next generation. We are passionate about what we do, and we thrive on teamwork.
#J-18808-Ljbffr