Analyst - Global Cyber Defense Team (GCDT)

2 days ago

Madrid, Madrid, Spain · Celonis · Full-time

We're Celonis, the global leader in Process Intelligence technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing AI, data and intelligence at the core of business processes - and for that, we need your help. Care to join us?

The Team:
This position will be part of the Celonis Global Cyber Defense Team (GCDT) and will cover the North America East Coast time zone. The GCDT is comprised of experienced Incident Response (IR) and Security Operations Center (SOC) personnel who work together closely to keep Celonis safe.

The Role:
This position is primarily responsible for monitoring security events and potential security incidents on both user endpoints and within cloud native environments. This person will respond to security events and incidents in accordance with Celonis policies and procedures. The position will also participate in all pre- and post-incident activities as outlined in the Celonis Information Security Incident Response Plan, to include the duties outlined below.

The work you'll do:

  • Monitor user endpoints, cloud native environments, SIEM, and other internal security tools for compliance violations, anomalous behavior, and potential attacks
  • Participate in shift turn over meetings between outgoing and incoming teams globally to pass along critical information and ensure any open cases are effectively transitioned
  • Perform initial analysis of all new alerts generated by correlation/alerting tools in addition to other external sources that will feed into the SIEM system and other security monitoring tools, to include
  • Participate in weekly after-hours on-call rotation
  • Respond accordingly to potential security threats to the organization
  • Document relevant incident information into the case management system, detailing the critical data for each incident to develop a historical record
  • Assist in the development of processes and procedures to help improve detection and response capabilities
  • Create and test Celonis Defense Procedures and IR Playbooks
  • Create Detection Use Cases
  • Assist with building IR automations

The qualifications you need:
Fundamental knowledge of the following:

  • Cloud Platform Security
  • Log Analysis
  • DevSecOps
  • Endpoint Detection & Response (EDR) Tooling
  • Security Information & Event Management (SIEM) Tooling
  • Incident Response Frameworks
  • Incident Response Activities
  • Attack Frameworks
  • Endpoint Security

Familiarity with the following:

  • Container Security
  • Database Security
  • Email Security
  • Network Security
  • Social Engineering Techniques

What Celonis Can Offer You:

  • Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business.
  • Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities.
  • Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more. Interns and working students explore your benefits here.
  • Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs.
  • Connect and Belong: Find community and support through dedicated inclusion and belonging programs.
  • Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future.
  • Collaborate Globally: Join a dynamic, international team of talented individuals.
  • Empowered Environment: Contribute your ideas in an open culture with autonomous teams.

About Us:
Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It's system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.

Get familiar with the Celonis Process Intelligence Platform by watching this video.

Celonis Inclusion Statement:
At Celonis, we believe our people make us who we are and that "The Best Team Wins". We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard - that's when creativity and innovation happen.

Your Privacy:
Any information you submit to Celonis as part of your application will be processed in accordance with Celonis' Accessibility and Candidate Notices.

By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.

Please be aware of common job offer scams, impersonators and frauds. Learn more here.


