At Volvo Group, we are embarking on an organization-wide digital transformation with a strong focus on cybersecurity. As part of this initiative, we are building a world-class Cybersecurity Operations Center (CSOC). We are seeking ambitious professionals with the right mindset to join our team in Gothenburg, Sweden, and contribute to our mission of protecting the Volvo Group. 

Job Summary 

As a CSOC L3 Cybersecurity Incident Responder at Volvo Group, you will play a pivotal role in responding to cybersecurity incidents. You will have the opportunity to work with a global team of security professionals to protect the company together as one team. 

Note! This is an on-site role, and although there is flexibility for work from home, we expect presence at the office on most normal working days. This role also expects availability to work on some public holidays on a rotation. We work only day shifts, but the global CSOC covers monitoring 24/7 every day of the year. 

Responsibilities: 

• Coordinate and lead incident response on complex cybersecurity incidents.  
• Conduct deep technical investigations, including malware analysis, reverse engineering, and forensic investigations, to fully understand threats and threat actor behavior.
• Prepare and present comprehensive incident reports, metrics, and trend analyses to management and stakeholders.
• Serve as the senior technical escalation point for the CSOC, providing guidance and support to L1 and L2 analysts.
• Provide guidance and mentorship to junior analysts, supporting their professional growth and skill development.
• Improve automation and ways of working to help the CSOC optimize the usage of analyst time and increase effectiveness.
• Identify and address gaps in CSOC processes, recommending enhancements to strengthen detection, response, and prevention capabilities.
• Develop, review, and improve incident response playbooks and procedures to ensure effective and consistent management of security incidents.
• Validate and enhance CSOC monitoring rules to improve threat detection capabilities and response times.
• Proactively hunt for threats across endpoints, networks, cloud environments, and logs, leveraging threat intelligence and MITRE ATT&CK methodologies.
• Continuously explore ways to reduce the risk of successful breaches, leveraging your technical expertise to identify and implement effective security measures.
• Stay up-to-date with emerging threats, attack techniques, and security technologies to continuously elevate CSOC capabilities.
• Develop yourself by utilizing the appointed commercial technical training platform. Elevate yourself and help elevate the team to protect the Volvo Group better. 

Requirements: 

• At least 5 years of experience within CSOC and incident response, with advanced technical analysis expertise. 
• Proficient in SIEM, EDR, and SOAR platforms, leveraging these tools to automate and optimize CSOC workflows. Proven ability to lead complex investigations into advanced threats as an experienced incident handler.
• Strong passion for technology and cybersecurity, with a focus on deepening expertise in incident response, forensics, threat analysis, and malware reverse engineering.
• Excellent team player with strong interpersonal skills and a collaborative mindset.
• Any industry certifications, such as GCIH, GCFA, or other technical certificates supporting incident response, digital forensics, and CSOC work are considered a huge plus.
• Positive mindset, curiosity, open-mindedness, and a proactive approach to problem-solving.
• Ability to work effectively, driving projects to completion and taking ownership of work tasks.
• Professionalism, attention to detail, and a focus on delivering high-quality results.
• Willing to work some public holidays on a rotational basis and support on-call incident response for the 24/7 global CSOC.
• Availability to be at the office in Lundby, Gothenburg, Sweden. 

Join us at Volvo Group, where you will be part of a dynamic team dedicated to building a world-class CSOC. Together, we will strengthen the cybersecurity defenses of Volvo Group and make a lasting impact on the security landscape of the industry. 

What’s in it for you? 

 We offer a solid package of compensation and benefits, plus you will enjoy:  

• A company that supports diversity, equity & inclusion
• A new organization with highly skilled professionals from diverse backgrounds
• Colleagues with innovative mindset, always ready to support and share information
• A supportive Manager enabling your professional growth
• Opportunities to develop, build a career and work globally or cross-functionally 

Ready to join the team? 

If any of the things you’ve just read made you feel confident in being the right person for the role, we are excited to hear from you; apply today without any hesitation! We will interview suitable candidates during the application period. 

 
We value your data privacy and therefore do not accept applications via mail.  

“In some countries and for specific positions within Volvo Group Digital & IT, background checks may be required, in accordance with local laws & regulations. If this is applicable to the role you have applied for, you will be informed.”