Senior Specialist Cyber Security

Infineon Technologies

Malacca City

On-site

MYR 100,000 - 150,000

Full time

18 days ago

Job summary

A leading global semiconductor firm in Malacca is seeking a Cyber Security Incident Response Team Leader. Responsibilities include leading incident triage, coordinating with various teams, and ensuring compliance with industry standards. The ideal candidate has over 5 years of cybersecurity experience and a strong educational background in information security. The role offers a collaborative work environment focused on innovation and diversity.

Qualifications

  • 5+ years of related working experience in cyber-security incident response.
  • Proven track record handling large-scale, multi-vector incidents.
  • Deep knowledge of the OSI model, TCP/IP, Windows/Linux, cloud, VPN, DNS, DHCP.

Responsibilities

  • Lead and support triage, containment, eradication, and recovery of security incidents.
  • Maintain incident documentation and conduct root-cause analyses.
  • Deliver incident updates to executive management and coordinate legal responses.

Skills

Information Security
Cyber Security
Incident Response
Communication Skills
Collaboration

Education

Bachelor’s degree in Information Security / Cyber Security

Tools

SIEM systems
EDR (CrowdStrike, MS-ATP)
Forensic tools (X-ways Autopsy, Axiom)
Network capture (Wireshark, Zeek)

Job description

Overview

You will be the backbone of Infineon’s Cyber Security Incident Response Team (CSIRT).

Responsibilities
  • Lead and support the triage, containment, eradication, and recovery of security incidents that affect Infineon’s global information systems, products, and services.
  • Operate and refine the CSIRT’s playbooks, runbooks, and escalation matrix for all cybersecurity domains (network, endpoint, cloud, embedded, and supply chain).
  • Coordinate with the Joint Operations Centre (JOC), Threat-Intelligence, Vulnerability Team, and external partners to ensure a unified, rapid response.
  • Maintain detailed incident documentation, conduct root-cause analyses, and produce concise after-action reports that drive continuous improvement.
  • Participate in tabletop exercises, red-team/blue-team drills, and periodic reviews of the CSIRT program to keep it aligned with industry best-practice frameworks.
  • Use the CSIRT triage matrix to assess severity, scope, and potential impact of alerts from SIEM, EDR, network monitoring, and external threat-intel sources.
  • Deploy containment strategies (e.g., network segmentation, quarantine of infected endpoints, and malicious file removal) and work with system owners to eradicate threats.
  • Plan and execute safe restoration of services, validate system integrity, and coordinate with the IT Service Desk to minimize downtime.
  • Analyze computer and server activity, memory dumps, disk images, and network packet captures, and correlate logs to identify attacker techniques, persistence mechanisms, and data exfiltration paths.
  • Maintain a secure, audit-ready incident log; produce post-mortem reports with timelines, findings, mitigations, and lessons learned.
  • Evaluate new CSIRT tools (SOAR, threat-intel platforms), recommend upgrades, and integrate them into existing workflows.
  • Deliver incident updates to executive management, product teams, and external regulators; coordinate legal and PR responses when required.
  • Conduct security incident drills for cross-functional teams and mentor junior CSIRT analysts.
  • Ensure incident handling meets GDPR, NIST, and relevant internal compliance requirements.
Your Profile
  • Bachelor’s degree in Information Security / Cyber Security, or any equivalent academic background.
  • At least 5 years of related working experience in cyber-security incident response, CSIRT, or SOC leadership roles.
  • Proven track record handling large-scale, multi-vector incidents (APT, ransomware, supply-chain, insider threats).
  • Deep knowledge of the OSI model, TCP/IP, Windows/Linux, cloud (AWS, Azure), VPN, DNS, DHCP, etc.
  • Hands-on, practical experience with SIEM systems and EDR (CrowdStrike, MS-ATP).
  • Experience with any of CQL, Kusto, Lucene / KQL syntax
  • Scripting: PowerShell, Python, Bash as a plus
  • Familiarity with forensic tools (X-ways Autopsy, Axiom) and network capture (Wireshark, Zeek) as a plus
  • Security-intelligence or incident-response certifications (e.g., SANS SEC600, EC-Council CEH) are a plus.
  • Clear written and verbal communication; skilled at producing concise technical reports.
  • Proven ability to collaborate across distributed, cross-functional teams.

#WeAreIn for driving decarbonization and digitalization.

As a global leader in semiconductor solutions in power systems and IoT, Infineon enables game-changing solutions for green and efficient energy, clean and safe mobility, as well as smart and secure IoT. Together, we drive innovation and customer success, while caring for our people and empowering them to reach ambitious goals. Be a part of making life easier, safer and greener.

Are you in?

We are on a journey to create the best Infineon for everyone.

We embrace diversity and inclusion and welcome everyone for who they are. At Infineon, we offer a working environment characterized by trust, openness, respect and tolerance and are committed to give all applicants and employees equal opportunities. We base our recruiting decisions on the applicant's experience and skills.

Please let your recruiter know if they need to pay special attention to something in order to enable your participation in the interview process.
