Security Operations Engineer

For an important

client in the Bellinzona area, we are looking for an hands-on Security Operations Engineer to help safeguard the organization’s digital assets and strengthen overall security posture.

This role bridges strategy and execution - ensuring security incidents are detected, analyzed, and resolved quickly and effectively.

You’ll own and evolve our Incident Response and Vulnerability Management practices, working closely with IT, Dev Ops, and the external SOC. This is an excellent opportunity for a mid-level cybersecurity professional who wants to make a measurable impact today and grow into a future leadership role.

• Act as the primary point of contact for escalated incidents from our SOC provider.
• Lead analysis, containment, and coordination of response efforts across IT and business units.
• Develop and maintain incident response playbooks, escalation protocols, and communication templates.
• Conduct post-incident reviews to capture lessons learned and strengthen defenses.
• Coordinate and manage red‑teaming activities and offensive testing (simulated attacks, penetration tests), including planning, scoping and running exercises with internal teams and third‑party providers.
• Operate and/or coordinate the use of offensive/assessment tools (e.g., Pentera, Ping Castle, Purple Knight, etc.) and translate findings into prioritized, actionable remediation plans.
• Build and maintain a centralized vulnerability inventory across infrastructure, applications, and endpoints.
• Collaborate with IT and development teams to define risk‑based remediation plans and track progress.
• Execute and support patching, hardening, and remediation activities.
• Collaborate closely with the identity team to ensure identity and access controls are secure, aligned with remediation plans, and tested as part of incident response and red‑team exercises.
• Deploy, configure, and fine‑tune security tools (SIEM, EDR, vulnerability scanners) for maximum effectiveness.
• Continuously monitor and improve the performance of deployed controls.
• Partner with Dev Ops to integrate security into CI/CD pipelines and Dev Sec Ops  practices.
• Work with risk, compliance, and governance teams to support audits and regulatory needs.
• Ensure alignment with service owners who will execute the remediation while providing guidance and verification of completion.
• Contribute to security awareness by sharing best practices and incident insights with colleagues.

• Bachelor’s degree in Computer Science, IT, or equivalent experience.
• 3–5 years of experience in cybersecurity operations, incident response, or vulnerability management.
• Solid technical knowledge of operating systems, networks, cloud platforms, and endpoint security.
• Hands‑on experience with SIEM, EDR, and vulnerability management tools.
• Familiarity with common attack vectors, malware behavior, and threat actor tactics (MITRE ATT&CK is a plus).
• Strong analytical and problem‑solving skills.

• Full‑time permanent contract.