Staff Security Engineer, CSIRT

Delivery Hero


Job Location:

Berlin - Germany

Monthly Salary: Not Disclosed
Posted on: 4 hours ago
Vacancies: 1 Vacancy

Job Summary

As a Staff Security Engineer within our CSIRT Team you will be accountable for leading our most critical complex and high-impact security incidents end-to-end across a global high-transaction food delivery and quick-commerce platform handling millions of daily orders. As a business spanning logistics e-commerce and FinTech our environment is highly regulated in this role you will navigate the complexities of global compliance frameworks while ensuring rapid effective incident mitigation.

You will operate at the intersection of a hands-on technical practitioner and a strategic leader making high-consequence decisions during times of ambiguity. We are looking for someone with a strong builder mindset. You dont just respond to security incidents; you approach operational bottlenecks as engineering problems. You will build systems develop custom tooling and architect automated workflows to relentlessly eliminate manual toil and scale our response capabilities ultimately setting the standard for engineering excellence and fostering a security mindset across the organization.

 

Your mission:

  • Incident Commander: Serve as the single accountable leader during active responses for high-severity incidents directing investigative focus from detection through recovery while maintaining a calm and decisive demeanor under pressure. You will ensure our response strategies and forensic evidence gathering align with strict reporting requirements for GDPR PCI-DSS NIS2 DORA MAS TRM and other regional mandates.

  • Post-Incident Reviews & Remediation: Lead blameless post-incident reviews to ensure continuous improvement durable engineering solutions and systemic resilience. 

  • Stakeholder Communication: Serve as the primary interface to stakeholders during critical security incidents translating complex technical realities into clear risk impact and decision frameworks.

  • Engineering-Led Response & Automation: Design and develop in-house solutions automated workflows and scalable systems to eliminate repetitive processes reduce triage time and continuously improve the overall quality and efficiency of our security incident response operations.

  • Mentorship & Leadership: Act as a hands-on technical leader and role model actively mentoring teams and individuals within your domain to raise the overall technical bar and share your experience.

  • Metrics & Strategic Visibility: Have a Data-Driven Strategic mindset to define track and improve core operational metrics (MTTD MTTR) to identify systemic gaps and propose strategic long-term security investments.

  • Organizational Readiness & Tabletop Exercises: Proactively design and facilitate complex realistic tabletop simulations and purple team engagements to stress-test our playbooks uncover detection blind spots and train the wider security and engineering organizations.

  • On-Call: Participate in a predictable on-call rotation as an Incident Responder leading the charge on high-severity out-of-hours escalations.

 


Qualifications :

 

  • 7 years of broad cybersecurity experience with a deep understanding of core security fundamentals coupled with 5 years of dedicated experience in a SOC or CSIRT environment.

  • Incident Commander Experience: Proven track record acting as a Security Incident Commander confidently managing incident timelines decisions and cross-functional communications during complex security events.

  • Deep Security Incident Response Expertise: Mastery of the full incident lifecycle and hands-on playbook creation for complex high-availability hybrid-cloud environments distributed microservices and platforms processing vast amounts of PII and payment data.

  • Security Tooling Mastery: Operational expertise with SIEM EDR Cloud Security platforms SOAR and WAF/DDoS protection solutions.

  • Software Engineering & Tooling (Builder Mindset): Advanced proficiency in writing production-quality code (e.g. Python Go Rust) to build scalable in-house solutions. 

  • Cloud-Native Security: Hands-on experience securing and responding to incidents across public cloud platforms (AWS GCP) and cloud-native technologies like Kubernetes Docker and Infrastructure-as-Code (e.g. Terraform).

  • Source Control & CI/CD: Familiarity with Git/GitHub usage CI/CD systems and modern SecOps workflows.

  • Strategic Leadership: An exceptional communicator with the ability to influence cross-functional stakeholders and simplify complex systems across domains without requiring formal authority.

Nice to have:

  • Investigative Depth: Digital forensics skills and hands-on experience integrating Threat Intelligence to anticipate attacks and proactively hunt for threats.

  • Malware Analysis & Reverse Engineering: Proven skills in static and dynamic (runtime) malware analysis reverse engineering and analyzing malicious payloads within isolated sandbox environments.

  • Web/Mobile Security: Strong background in Web and Mobile application security understanding complex API architectures modern authentication frameworks and defending against high-volume automated attacks (e.g. credential stuffing scraping).

  • AI & Next-Gen Tooling: Experience integrating AI/LLM capabilities and MCP (Model Context Protocol) usage into Incident Response for automated evidence summarization data enrichment or investigation.

  • Regulated Environment Expertise: Deep operational understanding of global cybersecurity and privacy frameworks (e.g. PCI-DSS GDPR NIS2 DORA MAS TRM). You know how to balance aggressive incident containment with the legal and forensic requirements necessary for regulatory compliance and breach notification.

  • Relevant Technical Certifications: Active or in-progress industry-recognized technical certifications focused on incident handling forensics or offensive security (e.g. GIAC GCIH/GCFA/GCIA CISSP OSCP).


Additional Information :

Ensuring you and all our Heroes are looked after happy and healthy is always on the menu. Because if youre in good shape then were in good shape.

  • Make the most of our hybrid working model and join the team for face-to-face connection and collaboration in our beautiful Berlin campus 2 days a week

  • We offer 27 days holiday

  • We will support you in developing yourself and your career growth opportunities: 1.000 Educational Budget Language Courses Parental Support access to the Udemy Business platform to explore a variety of online courses

  • Get moving and release those wonderful mind-boosting endorphins: Health Checkups Mindfulness and Gym & Bicycle Subsidy

  • The power of getting together over some food is unrivalled. Here are a few ways to help you do that. All the yum: Digital Meal Vouchers Food Vouchers Corporate Discounts. Courses and access to Internal Housing Hub

                 

Ready to join our team If youre excited to grow collaborate and be part of the worlds leading delivery platform wed love to hear from you. Apply today!

We believe diversity and inclusion are key to creating not only an exciting product but also an amazing customer and employee experience. Fostering this starts with hiring - therefore we do not discriminate on the basis of racial identities religious beliefs color national origin gender identities or expressions sexual orientations age marital or disability statuses or any other aspect that makes you you.

We encourage you to let us know if you need any accommodations or specific accessibility support to ensure a smooth interview experiencejust let us know with an email to our Inclusion Officer at

Severely disabled applicants with equal qualifications will be given preferential consideration.

Youre welcome to share your pronouns (he/she/they) right from the start so we can address you respectfully from our first contact.

We believe diversity and inclusion are key to creating not only an exciting product but also an amazing customer and employee experience. Fostering this starts with hiring - therefore we do not discriminate on the basis of racial identities religious beliefs color national origin gender identities or expressions sexual orientations age marital or disability statuses or any other aspect that makes you you.

We encourage you to let us know if you need any accommodations or specific accessibility support to ensure a smooth interview experiencejust let us know with an email to our Inclusion Officer at

Severely disabled applicants with equal qualifications will be given preferential consideration.

Youre welcome to share your pronouns (he/she/they) right from the start so we can address you respectfully from our first contact.


Remote Work :

No


Employment Type :

Full-time

As a Staff Security Engineer within our CSIRT Team you will be accountable for leading our most critical complex and high-impact security incidents end-to-end across a global high-transaction food delivery and quick-commerce platform handling millions of daily orders. As a business spanning logistic...

About Company

Company Logo

As the world’s leading local delivery platform, our mission is to deliver an amazing experience, fast, easy, and to your door. We operate in over 70+ countries worldwide, powered by tech but driven by people. As one of Europe’s largest tech platforms, we enable ambitious talent to del ... View more

View Profile View Profile