Security Operations Engineer (f/m/d)

Security Operations Engineer

Are you passionate about cybersecurity and blue team topics like threat hunting, anomaly detection, and incident response? Do you thrive in an agile environment and want to contribute to a leading digital company? Join us as a Security Operations Engineer and help secure our products: WEB.DE, GMX, and mail.com! In this role, you’ll be at the heart of our operational security.

Innovate and Enhance

Design and continuously improve processes and tools in key areas such as SIEM, cyber threat intelligence, threat hunting, vulnerability management, and digital forensics – helping us maintain a real-time understanding of our threat landscape.

Lead Incident Response

Triage security alerts and take the lead as Incident Manager / Commander during confirmed incidents, coordinating cross-functional teams under pressure.

Automate Workflows

Automate detection and response workflows, leveraging established platforms like SIEM or EDR/XDR, as well as your own custom scripts and playbooks.

Technical Analysis

Perform in-depth technical analyses, including log analysis and digital forensics.

24/7 Coverage

Participate in our on-call rotation, ensuring 24/7 security coverage when needed.

Your Profile

Do you have a technical degree or equivalent education, and a passion for cybersecurity? Have you already gained hands-on experience in the field? Then we’re looking forward to your application!

Expertise

Strong knowledge of common security operations tools and processes—such as SIEM, cyber threat intelligence, vulnerability management, or forensic tools—and staying current with best practices and standards (e.g., NIST, FIRST, MITRE ATT&CK). Relevant certifications (e.g., OSCP, GCIA, GCIH) are a plus, but not required.

Technical Foundation

Solid technical foundation with a deep understanding of networks, communication protocols, operating systems, and web-based distributed architectures. Continuous Learning: Commitment to continuous learning and regularly sharpening your skills in IT infrastructure and security. Familiarity with modern practices such as DevSecOps, Continuous Delivery, Detection as Code, or Infrastructure as Code.

Hands-On Skills

Comfortable writing scripts or code in at least one language (solid Python knowledge is a plus) using Git-based workflows.

Team Player

Excellent communication skills (English level at least C1) and the ability to guide and align stakeholders.

Our Benefits

• Lived corporate culture: Flat hierarchies, a culture of respect and appreciation, signatories of the Diversity Charter, open communication, and no dress code.
• Wide range of further training: Internal and external training opportunities, LinkedIn Learning, language courses, talent development programs, conferences, and mentoring.
• TEC-Campus: Free choice between Linux, Mac, or Windows, slack days, conferences, lecture series, courses, open-source projects, community meetups, and user groups.
• Active health care: Wellpass, free internal sports and fitness classes, health days, family & care support services, discounts at fitness centers, mental health first responder, fresh fruit, and drinks for free.
• Mobility: Subsidy for job bike leasing, job ticket, and relocation service if you live outside Germany.
• Flexible working models: Home office options, flexible working hours, and 30 days of vacation with the option for additional unpaid leave.
• Financial benefits: Corporate benefits, company pension scheme, capital-forming benefits, occupational disability insurance, and various partner discounts.
• Events: Summer and winter parties, sports tournaments, and team events.

Key skills/competency

• Security Operations Engineer
• Cybersecurity
• Blue Team
• Threat Hunting
• Incident Response
• SIEM
• Vulnerability Management
• Digital Forensics
• Python Scripting
• MITRE ATT&CK