Security Operations Engineer (PID)

Interval


Job Location:

Berlin - Germany

Monthly Salary: Not Disclosed
Posted on: 5 hours ago
Vacancies: 1 Vacancy

Job Summary

This is a remote position.

Security Operations Engineer (PID0632/0633) ISRC SAO

  • Contract / Freelance
  • Full-time
  • Remote with travel readiness required (Germany)
  • Start: 29/06/2026

About the role

We are seeking a Security Operations Engineer to join the Information Security Risk and Compliance function of a large internal platform programme in the energy sector. Working within a cloud-native hybrid platform environment, you will design and build the SecOps tooling ecosystem, develop detection capabilities, and support incident response activities as the programme scales towards a structured 24x7 security operations capability.

What you'll be doing

  • Designing and building SecOps tooling covering SIEM, SOAR, vulnerability detection and management, EDR, logging pipelines and user behaviour analytics
  • Developing architectural patterns and solution designs for the security tool ecosystem
  • Evaluating and integrating new tools and platforms to strengthen detection, response and automation capabilities
  • Building and maintaining scalable data ingestion, correlation and alerting workflows for advanced detection and response
  • Coordinating with operational engineers to jointly maintain SecOps workflows and ensure platform reliability
  • Building automation scripts, playbooks and workflows in SOAR tooling to enhance response efficiency and reduce analyst workload
  • Designing and building an internal SecOps product providing detection and response capabilities for vulnerabilities, threats and security events
  • Integrating with the internal observability product and broader corporate SOC capabilities
  • Providing technical management during incidents, including tooling behaviour, data quality and engineering fixes
  • Developing, testing and operationalising detection capabilities based on evolving threats and platform telemetry
  • Creating and maintaining detection-as-code artefacts such as Sigma rules, YARA, KQL queries and static analysis rules
  • Validating detection quality through adversary simulation, purple-teaming or continuous tuning


Requirements

What you'll need

  • 5 years of experience in security operations engineering and cloud security tooling
  • Engineering background in SIEM/SOAR, EDR platforms, log ingestion, telemetry pipelines, scripting (Python, PowerShell, Go) and cloud-native security tooling
  • Experience with infrastructure-as-code, CI/CD toolchains and container orchestration (Kubernetes)
  • Experience with threat modelling, detection engineering frameworks, TTP matrices and MITRE ATT&CK
  • Experience creating architectural diagrams, interface specifications and onboarding guidelines
  • Experience with logging and detection solutions for cloud architecture
  • Fluent English, spoken and written (C1 minimum)

Desirable

  • Experience with Wazuh
  • Familiarity with observability platforms and OpenTelemetry
  • Background in SOC Analyst Tier 1-3 roles or understanding of security operations centres
  • Knowledge of security frameworks including BSI, ISO 27001 and MITRE ATT&CK
  • Experience with GCP or other public cloud providers
  • DFIR or blue team certifications (CySA, GIAC, GCIH, BTL)
  • Kubernetes security experience (CKS or CNCF related)


Benefits

As a freelancer / contractor with us, you enjoy flexible working hours and the freedom to choose your own projects. Our platform gives you access to exciting projects across various industries and supports your professional development. You benefit from attractive pay and a dedicated team that is on hand to answer your questions. Work independently and use our strong network to reach your professional goals.




Required Skills:

What you'll need

  • Proven experience translating business and process requirements into Atlassian-based workflows and configurations (Jira, Confluence, JSM)
  • Strong understanding of Jira workflow design: issue types, fields, transitions, permissions, boards, dashboards and automations
  • Experience analysing process landscapes and deriving tool-based solutions
  • Solid understanding of product delivery methodologies (Scrum, SAFe, Multi-Release Management or Platform Engineering)
  • Experience defining and maintaining dashboards, filters and reporting structures
  • Ability to produce clear documentation, templates and onboarding materials
  • Fluent English, spoken and written (C1 minimum)

Desirable

  • Familiarity with ITIL/ITSM, DevOps or SRE practices
  • Experience evaluating plug-ins and extensions from a functional perspective
  • Experience deriving integration requirements for Atlassian tools (e.g. GitLab, CMDB, external ticketing)
  • Fluent German, spoken and written (C1 minimum)
