Cyber Security Engineer

The Security Operations Center’s mission is to detect, analyze, and respond to security incidents in real time. You will join a diverse, collaborative environment and work closely with experienced cyber security specialists. The team brings together professionals from varied cultural backgrounds and extensive knowledge across multiple domains, including threat intelligence, incident response, cloud security, penetration testing, compliance, and security architecture, offering diverse perspectives and reliable problem‑solving capability.

Digital Solutions & Development > Digital Solutions > Enterprise Cyber Security

Key Responsibilities:

Security Platform Engineering

• • Design, implement, configure, and maintain cybersecurity platforms (SIEM, XDR, SOAR, Threat Intelligence, vulnerability management tools)
  • Ensure resilient and scalable integration of security tools into enterprise infrastructure (on-prem and cloud)
  • Maintain secure logging pipelines and normalize telemetry via ASIM/KQL to deliver high-signal data for advanced threat detection and rapid incident response.

Detection Engineering

• • Develop, tune, and maintain advanced detection analytics aligned to MITRE ATT&CK techniques
  • Build behavioral and anomaly-based detections using structured log data
  • Perform detection validation, simulation, and continuous improvement based on SOC feedback
  • Reduce false positives through structured tuning methodologies

Automation & Orchestration

• • Design and implement security automation workflows (SOAR playbooks, response automation, enrichment pipelines)
  • Develop scripts and API integrations to streamline repetitive security tasks
  • Automate reporting, alert triage enrichment, and remediation actions

AI & Copilot Enablement

• • Leverage AI-powered security tools (e.g., Microsoft Security Copilot) to enhance detection analysis and response efficiency
  • Develop prompt engineering strategies to operationalize LLM-assisted investigations
  • Evaluate AI-driven anomaly detection and behavioral analytics capabilities
  • Ensure responsible and secure use of AI within security operations

Cloud & DevSecOps Integration

• • Embed security controls into CI/CD pipelines and DevOps workflows
  • Support cloud-native security services across Azure and AWS
  • Collaborate on container and Kubernetes security architecture

Incident Response Support

• • Deliver engineering-focused technical support during critical incident response
  • Develop containment or remediation automation where recurring patterns are identified
  • Conduct post-incident detection gap analysis

Documentation & Knowledge Transfer

• • Maintain high-quality documentation of detection logic, automation workflows, and system architecture
  • Deliver technical training sessions and enablement workshops for SOC analysts

Qualifications:

Experience

• • Minimum 3-5 years of experience in cybersecurity engineering, detection engineering, or security platform engineering roles
  • Demonstrated experience working in enterprise-scale SOC or security engineering settings

Technical Capabilities

Core Security Platforms

• • • SIEM (preferably Microsoft Sentinel)
    • XDR/EDR (preferably Microsoft Defender XDR)
    • SOAR platforms and workflow automation
    • Threat Intelligence platforms (e.g., MISP, SOCRadar)
    • Vulnerability Management (Tenable, OpenVAS)
    • Firewalls, IDS/IPS, WAF, NDR technologies

Engineering & Automation

• • • Proficient scripting capability (PowerShell, KQL, Python, Bash)
    • Experience with REST APIs and system integrations
    • Experience with Docker and containerized deployments
    • Familiarity with CI/CD and DevSecOps methodologies
    • Log management stacks (Elasticsearch, Logstash, Kibana)

Cloud Security

• • • Azure and AWS security services
    • Identity and access management concepts
    • Cloud logging and monitoring architecture

Frameworks & Standards

• • • MITRE ATT&CK
    • NIST Cybersecurity Framework (NIST-CSF)
    • CIS Controls
    • ISO 27001

Education & Certifications

• • Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field
  • Relevant certifications such as Security+, CEH, AZ-500, SC-200, or similar are advantageous

Competencies:

Technical Competencies

• • Detection engineering and threat modeling skills
  • Automation-first engineering mindset
  • API-driven system integration capability
  • Solid understanding of adversary tactics and attack lifecycle
  • AI literacy in cybersecurity applications (LLM usage, Copilot integration, automation augmentation)

Behavioral Competencies

• • Methodical and structured problem-solving approach
  • High attention to detail and engineering rigor
  • Collaborative and cross-functional mindset
  • Ability to translate operational gaps into engineered solutions
  • Continuous learning orientation toward emerging technologies (AI, cloud-native security, automation)

Our commitment to a fair hiring 

At Vestas, we evaluate all candidates solely based on their professional experience, education, and relevant skills. To support a fair recruitment process, we kindly ask that you remove any photos, dates of birth or graduation, gender pronouns, marital status, or other personal information not relevant to the role before submitting your CV/resume. Your CV/resume should focus on your professional and educational background, along with the necessary contact details (email and phone number). We train our hiring teams in inclusive evaluation and regularly review process outcomes to ensure fairness.

DEIB Statement

At Vestas, we recognize the value of diversity, equity, and inclusion in driving innovation and success. We strongly encourage individuals from all backgrounds to apply, particularly those who may hesitate due to their identity or feel they do not meet every criterion. As our CEO states, "Expertise and talent come in many forms, and a diverse workforce enhances our ability to think differently and solve the complex challenges of our industry". Your unique perspective is what will help us powering the solution for a sustainable, green energy future.

BEWARE – RECRUITMENT FRAUD

It has come to our attention that there are a number of fraudulent emails from people pretending to work for Vestas. Read more via this link, https://www.vestas.com/en/careers/our-recruitment-process

About Vestas

Vestas is the energy industry’s global partner on sustainable energy solutions. We are specialised in designing, manufacturing, installing, and servicing wind turbines, both onshore and offshore. 

Across the globe, we have installed more wind power than anyone else. We consider ourselves pioneers within the industry, as we continuously aim to design new solutions and technologies to create a more sustainable future for all of us. With more than 185 GW of wind power installed worldwide and 40+ years of experience in wind energy, we have an unmatched track record demonstrating our expertise within the field. 

With 30,000 employees globally, we are a diverse team united by a common goal: to power the solution – today, tomorrow, and far into the future. 

Vestas promotes a diverse workforce which embraces all social identities and is free of any discrimination. We commit to create and sustain an environment that acknowledges and harvests different experiences, skills, and perspectives. We also aim to give everyone equal access to opportunity. 

To learn more about our company and life at Vestas, we invite you to visit our website at www.vestas.com and follow us on our social media channels. We also encourage you to join our Talent Universe to receive notifications on new and relevant postings.