[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-security-operations-engineer-mwd-remote-ffm-oder-berlin":3,"similar-security-operations-engineer-mwd-remote-ffm-oder-berlin":38},{"id":4,"slug":5,"title":6,"skills":7,"budget":22,"duration":23,"location":24,"onsitePercent":25,"contractType":26,"foundAt":27,"category":28,"description":32,"rawText":33,"webTitle":6,"webText":34,"language":35,"projectId":36,"sourceUrl":37},5376,"security-operations-engineer-mwd-remote-ffm-oder-berlin","Security Operations Engineer (m\u002Fw\u002Fd) - Remote & FFM oder Berlin",[8,9,10,11,12,13,14,15,16,17,18,19,20,21],"SIEM\u002FSOAR","EDR platforms","Python","PowerShell","Go","Kubernetes","CI\u002FCD","Infrastructure-as-code","Threat modeling","MITRE ATT&CK","Cloud security","Detection engineering","Log ingestion","Telemetry pipelines",null,"01.07.2026 bis Ende 2026 + Option","Frankfurt am Main oder Berlin",10,"contracting","2026-05-22T08:31:38+00:00",{"id":29,"slug":30,"label":31},5,"it_infra_security","IT-Infrastruktur & Security","Security Operations Engineer für innovatives Plattform-Projekt im Energiesektor gesucht. Aufbau von SecOps-Tooling, Incident Response und Detection Engineering für cloud-native Plattform. Weitestgehend remote mit monatlichen Vor-Ort-Terminen.","Security Operations Engineer (m\u002Fw\u002Fd) - Remote & FFM oder Berlin\n\nProjektnummer: #9410\n\nRegion: Remote & FFM oder Berlin\n\nZeitraum: 01.07.2026 bis Ende 2026 + Option\n\nIm Rahmen eines innovativen Plattform Projektes im Energiesektor suchen wir im Auftrag unseres Kunden nach Unterstützung als Security Operations Engineer (m\u002Fw\u002Fd) - Remote & FFM oder Berlin.  Die Tätigkeit erfolgt weitestgehend Remote und nach Absprache ca. 1 mal im Monat für paar Tage am Stück in Frankfurt oder Berlin.\nProject Description\nThe team is building an internal platform for software product developers to accelerate the development and delivery of software products to tackle the massive challenges facing the energy sector. The Platform is a service oriented, cloud-native platform that is being built to provide application teams with self-service capabilities to develop, run and operate their software products. Platform provides services for application infrastructure, data, service lifecycle management, application build and delivery as well as services to operate their software products. The Platform is deployed as a hybrid cloud, encompassing both private cloud and select public clouds.\nGeneral Description\nInformation Security Risk and Compliance (ISRC) is a vital and independent function which focuses on embedding robust security and compliance practices throughout the product portfolio, platform management and architecture. ISRC consults designing and managing secure systems for the platform through leading security design, threat modeling, and compliance initiatives to ensure a resilient architectural foundation. Ensuring security operations processes enhance platform visibility and implement streamlined, effective security workflows for operational integrity. Additionally, ISRC consults with all product lines to integrate DevSecOps practices, emphasizing secure code analysis, supply chain security, and automated security testing to deliver robust, secure product development lifecycles. Through these efforts, ISRC ensures comprehensive security and compliance across the ecosystem to foster trust and reliability in all platform deliverables.\nObjective: SecOps Tooling Engineering\nTasks:\n• Designing and building SecOps tooling as part of the security tool ecosystem\n• Developing architecture patterns and solution designs for SIEM, SOAR, Vulnerability Detection & Management, EDR, logging pipelines, user behavior analytics, and other security tool categories\n• Evaluate and integrate new tools, technologies, and platforms to strengthen detection, response, and automation capabilities\n• Build and maintain scalable data ingestion, correlation, and alerting workflows to enable advanced detection and response functions.\n• Technical coordination with operational engineers to jointly maintain SecOps workflows and ensure platform reliability\n• Identify opportunities to automate repetitive tasks within security operations processes\n• Build automation scripts, playbooks, and workflows (e.g., in SOAR tools) to enhance response efficiency and reduce analyst workload.\n• Technical Coordination with SOC and IR teams to translate operational needs into automated solutions.\n• Design and build an internal SecOps product to provide detection and response capabilities towards vulnerabilities, threats and further security events\n• Build state-of-the-art detection capabilities within by integrating with the internal Observability product. Further integrate with the broader corporate SOC capabilities (by e.g. forwarding defined alerts)\n• Providing initial operations and security analysis tasks and shape the way for a structured 24x7 security operations capability\nObjective: Incident Response activities\nTasks:\n• Provide technical management during incidents, focusing on tooling behaviour, data quality, and engineering fixes\n• Consult in development or enhancement detection content, correlation rules, dashboards, and data models based on incident patterns\n• Encourage IR activities with rapid instrumentation, log onboarding, and custom tooling during active security events\nObjective: Detection engineering\nTasks:\n• Develop, test, and operationalize new detection capabilities based on evolving threats, platform telemetry, and business requirements\n• Create and maintain detection-as-code artifacts (e.g., Sigma, YARA, KQL queries, static analysis rules)\n• Validate detection quality through adversary simulation, purple-teaming, or continuous tuning\n• Ensure rules are consistently documented, version-controlled, and validated against production data sources\nProfile Requirements\nThe contractor must be a mid-to-senior level professional with 5+ years of experience in security operations, engineering and cloud security tools\nMust-have experience\n• Experience with engineering background in SIEM\u002FSOAR, EDR platforms, log ingestion, telemetry pipelines, scripting (Python, PowerShell, Go), and cloud-native security tooling\n• Experience with infrastructure-as-code, CI\u002FCD toolchains, and container orchestration platforms (Kubernetes\n• Experience with threat modelling, detection engineering frameworks, developing TTP matrixes, and MITRE ATT&CK\n• Experience creating architectural diagrams, interface specifications, and onboarding guidelines\n• Experience in Logging and detection solutions for cloud architecture\nMust-have language skills\n• fluent English in speech and writing (at least C1)\nPreferred experience\n• Experience with Wazuh\n• Experience with Observability platforms and Open Telemetry\n• Experience in SOC Analyst Tier 1-3 roles or understanding of security operations centers\n• Experience in security frameworks (BSI, ISO 27001, MITRE ATT&CK, etc.)\n• Experience in GCP or public cloud provider\n• Experience in related DFIR or blue team domains (CySA+, GIAC, GCIH, BTL)\n• Experience in Kubernetes security (CKS or CNCF related)\n\nAnsprechpartner: Charlin Bugge\nE-Mail: charlin.bugge@percision.de\nTelefon: +49 160 7861611","Für ein innovatives Plattformprojekt im Energiesektor suchen wir einen erfahrenen Security Operations Engineer (m\u002Fw\u002Fd). Die Position bietet die Möglichkeit, weitestgehend remote zu arbeiten, mit gelegentlichen Präsenzterminen in Frankfurt oder Berlin.\n\nSie werden Teil eines Teams, das eine interne Plattform für Softwareproduktentwickler aufbaut, um die Entwicklung und Bereitstellung von Softwareprodukten zu beschleunigen. Die Plattform ist serviceorientiert und cloud-nativ konzipiert, um Anwendungsteams Self-Service-Funktionen für die Entwicklung, den Betrieb und die Verwaltung ihrer Softwareprodukte zu bieten.\n\nIhre Hauptaufgaben umfassen das Design und die Entwicklung von SecOps-Tools als Teil des Security-Tool-Ökosystems. Sie entwickeln Architekturmuster und Lösungsdesigns für SIEM, SOAR, Vulnerability Detection & Management, EDR, Logging-Pipelines und User Behavior Analytics. Dabei evaluieren und integrieren Sie neue Tools und Technologien zur Stärkung der Detection-, Response- und Automatisierungsfähigkeiten.\n\nEin wesentlicher Bestandteil Ihrer Tätigkeit ist der Aufbau und die Wartung skalierbarer Datenerfassungs-, Korrelations- und Alerting-Workflows für erweiterte Detection- und Response-Funktionen. Sie koordinieren technisch mit operativen Ingenieuren zur gemeinsamen Wartung von SecOps-Workflows und gewährleisten die Plattformzuverlässigkeit.\n\nZudem identifizieren Sie Automatisierungsmöglichkeiten für repetitive Aufgaben in Security Operations-Prozessen und erstellen entsprechende Automatisierungsskripte, Playbooks und Workflows. Diese Position bietet die Chance, in einem dynamischen Umfeld an zukunftsweisenden Sicherheitslösungen zu arbeiten.","en","9410","https:\u002F\u002Fwww.percision.de\u002Fprojekt\u002F9410\u002F",{"items":39},[40,62,79,95,115,137,157,174,191,208,222,250,269,282,301],{"id":41,"slug":42,"title":43,"skills":44,"budget":56,"duration":22,"location":57,"onsitePercent":58,"contractType":59,"foundAt":60,"category":61},5764,"it-security-consultant","IT-Security Consultant",[45,46,47,48,49,50,51,52,53,54,55],"IT-Security","OT-Security","ISO 27001","IEC 62443","ISMS","SIEM","Auditing","TISAX","NIS2","Netzwerk-Technologien","Firewall-Technologien","45.000-90.000 EUR\u002FJahr","Neuss",40,"permanent","2026-05-22T18:09:10+00:00",{"id":29,"slug":30,"label":31},{"id":63,"slug":64,"title":65,"skills":66,"budget":75,"duration":22,"location":76,"onsitePercent":58,"contractType":59,"foundAt":77,"category":78},5756,"it-architekt-cloud-enterprise-architecture","IT-Architekt Cloud & Enterprise Architecture",[67,68,69,70,71,72,73,74],"IT-Architektur","Cloud-Architekturen","Plattform-Architekturen","Hybride Architekturen","TOGAF","Lösungsarchitektur","Systemintegration","Security","78.000-90.000 EUR\u002FJahr","Frankfurt am Main, Stuttgart oder Schwalmstadt-Ziegenhain","2026-05-22T18:07:22+00:00",{"id":29,"slug":30,"label":31},{"id":80,"slug":81,"title":82,"skills":83,"budget":91,"duration":22,"location":92,"onsitePercent":58,"contractType":59,"foundAt":93,"category":94},5753,"1st-level-support","1st Level Support",[84,85,86,87,88,89,90],"IT-Support","Helpdesk","Windows","Office 365","Ticketsystem","SLA-Überwachung","Wissensdatenbank","3.500-3.800 EUR\u002FMonat","Lüneburg","2026-05-22T18:06:42+00:00",{"id":29,"slug":30,"label":31},{"id":96,"slug":97,"title":98,"skills":99,"budget":110,"duration":22,"location":111,"onsitePercent":112,"contractType":59,"foundAt":113,"category":114},5752,"teamleiter-it-infrastructure-security-services","Teamleiter IT Infrastructure & Security Services",[100,101,54,102,103,104,105,106,107,108,109],"IT Infrastructure","Security Services","Security-Technologien","Cisco","Managed Services","SLAs","SIEM\u002FSOC","Datacenter-Lösungen","Teamführung","Mentoring","75.000-95.000 EUR\u002FJahr","Berlin, Frankfurt, Hamburg, Leipzig, München oder Stuttgart",50,"2026-05-22T18:06:27+00:00",{"id":29,"slug":30,"label":31},{"id":116,"slug":117,"title":118,"skills":119,"budget":133,"duration":22,"location":134,"onsitePercent":112,"contractType":59,"foundAt":135,"category":136},5751,"senior-it-consultant-security","Senior IT Consultant Security",[120,121,122,103,123,124,125,126,127,128,129,130,131,132],"IT Security","Network Security","Data Center Security","Fortinet","Check Point","F5","CrowdStrike","Proofpoint","Zscaler","Palo Alto","Security-Architekturen","CCNP Security","Fortinet Certified Professional","70.000-85.000 EUR\u002FJahr","Hamburg oder München","2026-05-22T18:06:14+00:00",{"id":29,"slug":30,"label":31},{"id":138,"slug":139,"title":140,"skills":141,"budget":22,"duration":151,"location":152,"onsitePercent":153,"contractType":154,"foundAt":155,"category":156},5724,"manager-mwd-fuer-projekt-it-sicherheit","Manager (m\u002Fw\u002Fd) für Projekt IT-Sicherheit",[142,143,144,145,146,147,148,149,150],"IT-Sicherheit","BSI-IT-Grundschutz","IT-Grundschutztools","SAVe-Tool","IT-Sicherheitskonzepte","Informationssicherheitskonzepte","Projektmanagement","Deutsch","Englisch","24 Monate mit Option auf Verlängerung","Bremen",60,"temp_work","2026-05-22T17:40:09+00:00",{"id":29,"slug":30,"label":31},{"id":158,"slug":159,"title":160,"skills":161,"budget":22,"duration":22,"location":22,"onsitePercent":22,"contractType":59,"foundAt":172,"category":173},5693,"systemadministrator-it-infrastruktur-mwd","Systemadministrator IT-Infrastruktur (m\u002Fw\u002Fd)",[162,163,164,165,11,166,167,168,169,170,171],"Windows Server 2016","IIS-NLB","SQL Server Always On","SharePoint 2016","Monitoring-Tools","Checkmk","Failovercluster-Manager","Zertifikatsverwaltung","VMware","Backup","2026-05-22T17:18:06+00:00",{"id":29,"slug":30,"label":31},{"id":175,"slug":176,"title":177,"skills":178,"budget":22,"duration":22,"location":22,"onsitePercent":22,"contractType":59,"foundAt":189,"category":190},5669,"it-systemadministrator-mwd-2","IT-Systemadministrator (m\u002Fw\u002Fd)",[179,180,181,182,183,184,185,170,186,45,187,188],"Windows Server Administration","Active Directory","Gruppenrichtlinien","Client-Management","Microsoft 365","Exchange Online","Netzwerkkomponenten","Hyper-V","Backup-Lösungen","Monitoring","2026-05-22T17:16:12+00:00",{"id":29,"slug":30,"label":31},{"id":192,"slug":193,"title":194,"skills":195,"budget":22,"duration":22,"location":22,"onsitePercent":22,"contractType":26,"foundAt":206,"category":207},5657,"consultant-linux-security-engineer-wmd","Consultant Linux Security Engineer (w\u002Fm\u002Fd)",[196,197,198,199,200,201,202,51,203,204,205],"Linux-Systemadministration","Systemhärtung","System- und Netzwerksicherheit","Google Cloud Platform","SELinux","AppArmor","iptables\u002Fnftables","Security-Frameworks","CIS Benchmarks","BSI-Grundschutz","2026-05-22T17:14:51+00:00",{"id":29,"slug":30,"label":31},{"id":209,"slug":210,"title":211,"skills":212,"budget":22,"duration":22,"location":22,"onsitePercent":22,"contractType":59,"foundAt":220,"category":221},5643,"senior-consultant-linux-mwd","(Senior-) Consultant Linux (m\u002Fw\u002Fd)",[213,214,215,216,217,218,219],"Linux","Ubuntu","CentOS","Systemadministration","IT-Infrastruktur","Beratung","Consulting","2026-05-22T17:12:28+00:00",{"id":29,"slug":30,"label":31},{"id":223,"slug":224,"title":225,"skills":226,"budget":22,"duration":245,"location":246,"onsitePercent":247,"contractType":26,"foundAt":248,"category":249},5635,"implementierungsberater-fuer-it-sicherheit","Implementierungsberater für IT-Sicherheit",[227,228,229,230,231,232,233,234,235,236,237,180,238,239,240,241,103,242,243,244],"IT-Security Beratung","Anforderungsanalyse","Datenmodellierung","Wallix","Cyber Ark","MS Projects","Scrum","Security Monitoring","Splunk","Identity & Access Management","Omada Identity","Vulnerability Management","Tenable","Firewalls","Fortigate","Checkpoint","Privileged Access Management","PowerDesigner","12 Monate +","Frankfurt",100,"2026-05-22T16:30:43+00:00",{"id":29,"slug":30,"label":31},{"id":251,"slug":252,"title":253,"skills":254,"budget":22,"duration":22,"location":266,"onsitePercent":22,"contractType":59,"foundAt":267,"category":268},5508,"it-security-specialist-mwd-cyber-security","IT-Security Specialist (m\u002Fw\u002Fd) Cyber-Security",[255,256,257,258,50,259,260,261,262,263,264,17,47,265],"Cyber Security","Detection Engineering","Threat Hunting","Cyber Threat Intelligence","EDR","XDR","KQL","SPL","Sigma","YARA","Informationssicherheitsmanagement","Bayreuth","2026-05-22T14:05:48+00:00",{"id":29,"slug":30,"label":31},{"id":270,"slug":271,"title":272,"skills":273,"budget":22,"duration":22,"location":22,"onsitePercent":22,"contractType":26,"foundAt":280,"category":281},5449,"fachberater-secunet-sbc-wmd","Fachberater Secunet SBC (w\u002Fm\u002Fd)",[274,275,276,277,278,279,146],"Secunet SBC","IP-Netzwerke","Netzwerksicherheit","VoIP-Systeme","SBC-Systeme","Kommunikationsinfrastruktur","2026-05-22T12:35:15+00:00",{"id":29,"slug":30,"label":31},{"id":283,"slug":284,"title":285,"skills":286,"budget":22,"duration":297,"location":298,"onsitePercent":112,"contractType":26,"foundAt":299,"category":300},5443,"netzwerkkonzeption-betriebsueberfuehrung-rechenzentrumsinfrastruktur","Netzwerkkonzeption & Betriebsüberführung Rechenzentrumsinfrastruktur",[287,288,289,290,291,292,293,294,295,296],"Netzwerk-Engineering","Rechenzentrumsumgebungen","Technische Konzepte","Architekturdesigns","IT-Infrastrukturen","Betriebsübergabe","Dokumentation","Performance","Verfügbarkeit","Sicherheit","1 Woche (15.06.-19.06.2026)","Hamburg","2026-05-22T12:26:55+00:00",{"id":29,"slug":30,"label":31},{"id":302,"slug":303,"title":304,"skills":305,"budget":22,"duration":308,"location":22,"onsitePercent":309,"contractType":26,"foundAt":310,"category":311},5391,"ibm-security-verify-governance-experte-mwd","IBM Security Verify Governance Experte (m\u002Fw\u002Fd)",[306,307],"IBM Verify Identity Governance (IVIG)","IBM Security Verify Governance","15.06.2026 - 31.12.2026 + Option",0,"2026-05-22T09:40:56+00:00",{"id":29,"slug":30,"label":31}]