
Lead Security Operations Centre Analyst (m/f/d)

  • Bucharest (RO)
  • IT
  • Software Development
  • Full-time
  • Published: 2025-04-26
Introducing Thinkproject Platform
 
Pioneering a new era and offering a cohesive alternative to the fragmented landscape of construction software, Thinkproject seamlessly integrates the most extensive portfolio of mature solutions with an innovative platform, providing unparalleled features, integrations, user experiences, and synergies.
 
By combining information management expertise and in-depth knowledge of the building, infrastructure, and energy industries, Thinkproject empowers customers to efficiently deliver, operate, regenerate, and dispose of their built assets across their entire lifecycle through a Connected Data Ecosystem.

What your day will look like

We are seeking a skilled Lead Security Operations Centre (SOC) Analyst to join our team and play a critical role in protecting our organization from cyber threats. You will be responsible for leading the day-to-day operations of our Network Security Operations Centre (NSOC), continuously improving our capabilities in threat detection, security event response, and proactive monitoring. The NSOC is responsible for monitoring, detecting, analysing, and responding to security incidents and events, ensuring the integrity, confidentiality, and availability of our solutions and data. You will ensure our operations align with industry best practices and Thinkproject’s compliance obligations across all platforms.
 
The Lead SOC Analyst will play a critical role in building and managing our cybersecurity operations. They will be responsible for real-time threat analysis, event investigation, and coordinating a timely and effective response to potential security incidents. Working closely with cross-functional teams, the Lead SOC Analyst will ensure threats are swiftly identified, remediated, and documented. They will also lead and mentor a team of analysts, driving a coordinated, strategic response to both emerging and ongoing threats.
 
The ideal candidate will have extensive experience working within a Security Operations Centre (SOC) environment. They should possess hands-on expertise in implementing, configuring, and managing logging and monitoring solutions, particularly Security Information and Event Management (SIEM) systems, and be well-versed in tuning detection rules, managing alerts, and leveraging SIEM data for effective incident triage and response. 
The candidate should bring leadership and mentoring capabilities, providing oversight and expert guidance to other SOC analysts while promoting a positive culture of continuous improvement.
 
The role will involve handling both reactive responses to security events of varying criticality and proactive measures to enhance the organization’s security posture. Familiarity with cloud platforms such as Azure and AWS is advantageous.
 
The SOC Analyst will also be responsible for monitoring the health of Thinkproject's IT network infrastructure, responding to health-related events using the same high-level structure applied to cybersecurity events.
 
This role sits within the Product Operations and Corporate IT branch, reporting to the Director of Cyber Security and Networking, and operates as part of the broader Cyber Security, Network Engineering, and Operations team.

What you need to fulfill the role

  • Lead the daily operations of the NSOC, ensuring effective monitoring, analysis, and response to security events and threats. Manage shift coverage to ensure the NSOC is staffed during core working hours across Thinkproject’s multiple operating time zones.
  • Investigate and respond to security events and incidents, ensuring timely identification, containment, eradication, and recovery. Coordinate with cross-functional teams as needed, and document and report incidents in accordance with established policies.
  • Conduct forensic analysis of cybersecurity events, ensuring that all documentation meets legal and compliance standards.
  • Conduct regular security checks on key systems to monitor for issues and indications of compromise.
  • Proactively hunt for threats using threat feeds and advanced analysis to understand emerging threats and vulnerabilities. Provide insights and recommendations to mitigate risks.
  • Arrange and oversee frequent penetration tests of our solutions, ensuring they are conducted successfully and without impacting service.
  • Manage the output of security issues from cyber security assessment tools, coordinating with key stakeholders to ensure timely mitigation and remediation of identified issues and threats.
  • Assist in developing and implementing cybersecurity policies, procedures, monitoring and response solutions.
  • Ensure all security operations are conducted in compliance with relevant regulatory requirements, industry standards, and internal policies. Assist in the preparation and maintenance of audit and compliance documentation.
  • Prepare detailed internal and customer-facing reports on security incidents, vulnerabilities, posture and compliance status for management, stakeholders and customers.
  • Develop and implement event response procedures and playbooks.
  • Participate in and develop security assessment exercises to evaluate operational effectiveness.
  • Contribute to the ongoing maturation of the Security Operations Centre by introducing new logging, monitoring, and response solutions to enhance departmental operations and improve cybersecurity coverage.
  • Conduct daily, weekly, and monthly stand-up meetings with internal teams and the wider engineering and operations groups to ensure effective coordination and alignment on current and upcoming deliverables.
  • Assist in the development and management of the NSOC budget, providing input on resource planning, tooling requirements, training needs, and operational costs. Collaborate with leadership to ensure the budget aligns with strategic objectives and supports the ongoing growth and maturity of the SOC function.
  • Mentor and guide SOC analysts, fostering a positive culture of continuous improvement. Coordinate the team to ensure an effective and consistent response to both emerging and ongoing threats.
  • Adapt SOC processes, solutions, and procedures to enhance the monitoring of the organization's IT network health.
 
You Must Have:
 
Language & Communication
 
  • Proficiency in spoken and written English, with the ability to communicate effectively across both technical and non-technical audiences
  • The ability to communicate difficult or sensitive information tactfully
 
Education & Experience:
 
  • A bachelor’s degree in Cyber Security or a related field, or equivalent professional experience
  • Strong knowledge of cybersecurity principles, threat landscapes, and incident response procedures
  • Awareness of current and emerging cyber threats affecting SaaS organisations

Technical Skills:

  • Hands-on experience with Security Information and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) platforms, threat intelligence platforms, and vulnerability identification tools
  • Proficiency in analysing logs, network traffic, and security events to detect, investigate, and respond to threats
  • Experience managing security issues identified through internal tools and external assessments, ensuring remediation is completed in line with company policies and standards

SOC Operations:

  • Experience contributing to the ongoing maturation of Security Operations Centre (SOC) functions, including the introduction of new logging, monitoring, and response capabilities
  • Experience managing business-as-usual (BAU) security operations workload alongside project-based work, both independently and in coordination with other team members
 
Teamwork & Leadership:
  • A positive, self-motivated attitude and the ability to inspire and motivate others
  • The ability to work effectively in a team environment, collaborating with cross-functional teams to achieve shared objectives
  • Strong time management and prioritisation skills, with the ability to manage your own workload and support others in doing the same
  • The ability to perform effectively under pressure, prioritise tasks, and make sound decisions in high-stress or emergency situations
  • A proactive mindset with the ability to critically evaluate your own work, identify improvement opportunities, and automate, simplify, or standardise processes where appropriate

It Would Be Good to Have:
 
   Language Skills:
  • Proficiency in German (spoken and written)
   SOC Leadership & Strategy:
  • Experience leading a SOC function to enhance maturity and expand coverage of monitored services
  • Experience developing and delivering security posture reports for diverse audiences, including stakeholders, customers, and senior management
  • Experience leading an operational team and coordinating analyst resources
  • Experience producing and managing key performance indicators (KPIs) to measure team performance and drive continuous improvement
  • Experience managing team budgets and contributing to SOC financial planning
  • Experience managing shift coverage rotas for multi-timezone operations
   Technical Expertise:
  • Experience with Azure, Azure AD, and AWS technologies and services
  • Experience conducting forensic analysis of cybersecurity incidents
  • Experience working within a software services organization
   Team Operations:
  • Experience conducting and facilitating daily, weekly, and monthly stand-up meetings to support effective team coordination and delivery

What we offer

Lunch 'n' Learn Sessions | Women's Network | LGBTQIA+ Network | Coffee Chat Roulette | Free English Lessons | Thinkproject Academy | Social Events | Volunteering Activities | Open Forum with Leadership Team (Tp Café) | Hybrid working | Unlimited learning

We are a passionate bunch here. To join Thinkproject is to shape what our company becomes. We take feedback from our staff very seriously and give them the tools they need to help us create our fantastic culture of mutual respect. We believe that investing in our staff is crucial to the success of our business.

Your contact:

Preethika Ramdass

Please submit your application, including salary expectations and potential date of entry, by submitting the form on the next page.


Working at thinkproject.com - think career. think ahead.