Staff Security Engineer, GSOC

Delivery Hero


Job Location:

Berlin - Germany

Monthly Salary: Not Disclosed
Posted on: 3 hours ago
Vacancies: 1 Vacancy

Job Summary

We are looking for a Staff Security Engineer Global SOC (all genders) to join the Security Engineering domain on our journey to always deliver amazing experiences.
 

As a Staff Security Engineer within our Global SOC you will be the technical anchor for our Security Monitoring and Threat Detection capabilities across a high-transaction food delivery and quick-commerce platform handling millions of daily orders. As a business spanning logistics e-commerce and FinTech our environment is highly regulated in this role you will build and govern the systems that ensure rapid high-fidelity threat detection in compliance with global frameworks.

 

You will operate at the intersection of a hands-on technical practitioner and a strategic engineering leader. We are looking for someone with a strong builder mindset who views threat detection as a software engineering discipline. Instead of staring at dashboards you will architect and define our log pipelines SIEM & SOAR infrastructure and implement Detection Engineering methodologies as code. You will develop threat detection use cases integrate Cyber Threat Intelligence and build the automated triage workflows that seamlessly escalate validated high-severity incidents to our CSIRT team for final containment. Ultimately you will provide a robust scalable detection platform globally.

Your mission:

  • Detection & Platform Architecture: Architect implement strengthen and scale the Security Log Management (on AWS) SIEM and SOAR (Google SecOps) infrastructure. You will own the log ingestion pipelines ensuring high availability performance and optimal retention based on business requirements.

  • Engineering-Led Detection & Automation: Architect build and maintain log ingestion pipelines detection rules (e.g. YARA-L) API integrations and SOAR workflows & Plugins. You will lead the charge in treating Detection as Code ensuring all alerts and automated enrichments are version-controlled tested and deployed through CI/CD pipelines.

  • Cyber Threat Intelligence: Establish and integrate CTI capabilities to drive an intelligence-led detection strategy. You will map detections to the MITRE ATT&CK framework and proactively hunt for threats specific to Delivery Hero and its entities.

  • Triage & Escalation Engineering: Design high-fidelity alert workflows. For all security events you will ensure our automated systems gather enrich and seamlessly conduct the right response and containment workflow.

  • Stakeholder Communication: Serve as the primary interface between the Global SOC and Engineering teams CISOs and the CSIRT team translating complex detection & response architectures log ingestion pipeline requirements into clear technical and business terms.

  • Mentorship & Leadership: Act as a hands-on technical leader and role model actively mentoring detection engineers and regional security teams to raise the overall technical bar and promote a collective security mindset.

  • Metrics & Strategic Visibility: Maintain a Data-Driven Strategic mindset to define track and improve core operational metrics (Log Pipeline Health Alert Fidelity True Positive Rates MTTD) to identify systemic gaps and propose strategic security investments.

  • On-Call: Participate in an on-call rotation focused on maintaining critical SIEM/SOAR infrastructure health handling high-severity alert triage and executing emergency escalations to CSIRT.


Qualifications :

What you need to be successful:

  • 7 years of broad cybersecurity experience with a deep understanding of core security fundamentals coupled with 5 years of dedicated experience in a SOC or Threat Detection Engineering environment.

  • Security Tool Mastery: Deep operational and architectural expertise with modern SIEM & SOAR platforms (specifically Google SecOps / Chronicle) EDR and Cloud infrastructure (AWS/GCP) 

  • Engineering Skills: Proven experience utilizing Git/GitHub CI/CD pipelines to deploy rules manage infrastructure and automation as code.

  • CTI & Triage Workflows: Strong background in operationalizing Cyber Threat Intelligence and building scalable alert triage processes that reduce false positives and prevent alert fatigue.

  • Strategic Leadership: An exceptional communicator with the ability to influence cross-functional stakeholders (Regional Security Teams Platform Engineering) and simplify complex systems across domains without requiring formal authority.

  • Advanced Threat Detection (Cloud Identity & EDR): Proven deep operational experience triaging alerts and building high fidelity detections across public cloud environments (AWS/GCP) modern Identity Providers (e.g. Okta Entra ID Google Workspace) and EDR platforms (e.g. CrowdStrike SentinelOne Defender).

  • AI & Next-Gen Tooling: Experience integrating AI/LLM capabilities and MCP (Model Context Protocol) usage into Threat Detection and SOAR for automated alert triage payload analysis or data enrichment (highly regarded skill).

Nice to have:

  • Advanced Cyber Threat Intelligence: Experience building threat intel programs managing intelligence platforms (e.g. MISP) and translating raw IOCs/TTPs into high-fidelity detection logic.

  • Regulated Environment Expertise: Deep operational understanding of global cybersecurity and privacy frameworks (e.g. PCI-DSS GDPR NIS2 DORA MAS TRM). You know how to implement logging retention and audit capabilities that meet strict regulatory compliance requirements.

  • Relevant Technical Certifications: Active or in-progress industry-recognized technical certifications focused on security engineering cloud architecture or threat detection (e.g. AWS Certified Security/Solutions Architect GCIA/GCDA/GMON CISSP).


Additional Information :

Ensuring you and all our Heroes are looked after happy and healthy is always on the menu. Because if youre in good shape then were in good shape.

Ready to join our team If youre excited to grow collaborate and be part of the worlds leading delivery platform wed love to hear from you. Apply today!

 

We believe diversity and inclusion are key to creating not only an exciting product but also an amazing customer and employee experience. Fostering this starts with hiring - therefore we do not discriminate on the basis of racial identities religious beliefs color national origin gender identities or expressions sexual orientations age marital or disability statuses or any other aspect that makes you you.

We encourage you to let us know if you need any accommodations or specific accessibility support to ensure a smooth interview experiencejust let us know with an email to our Inclusion Officer at it in your application.

Severely disabled applicants with equal qualifications will be given preferential consideration.

Youre welcome to share your pronouns (he/she/they) right from the start so we can address you respectfully from our first contact.

We believe diversity and inclusion are key to creating not only an exciting product but also an amazing customer and employee experience. Fostering this starts with hiring - therefore we do not discriminate on the basis of racial identities religious beliefs color national origin gender identities or expressions sexual orientations age marital or disability statuses or any other aspect that makes you you.

We encourage you to let us know if you need any accommodations or specific accessibility support to ensure a smooth interview experiencejust let us know with an email to our Inclusion Officer at

Severely disabled applicants with equal qualifications will be given preferential consideration.

Youre welcome to share your pronouns (he/she/they) right from the start so we can address you respectfully from our first contact.

We believe diversity and inclusion are key to creating not only an exciting product but also an amazing customer and employee experience. Fostering this starts with hiring - therefore we do not discriminate on the basis of racial identities religious beliefs color national origin gender identities or expressions sexual orientations age marital or disability statuses or any other aspect that makes you you.

We encourage you to let us know if you need any accommodations or specific accessibility support to ensure a smooth interview experiencejust let us know with an email to our Inclusion Officer at

Severely disabled applicants with equal qualifications will be given preferential consideration.

Youre welcome to share your pronouns (he/she/they) right from the start so we can address you respectfully from our first contact.


Remote Work :

No


Employment Type :

Full-time

We are looking for a Staff Security Engineer Global SOC (all genders) to join the Security Engineering domain on our journey to always deliver amazing experiences. As a Staff Security Engineer within our Global SOC you will be the technical anchor for our Security Monitoring and Threat Detection cap...

About Company

Company Logo

As the world’s leading local delivery platform, our mission is to deliver an amazing experience, fast, easy, and to your door. We operate in over 70+ countries worldwide, powered by tech but driven by people. As one of Europe’s largest tech platforms, we enable ambitious talent to del ... View more

View Profile View Profile