
My client is modernizing its software development and delivery to address critical challenges in the energy sector. The Engineering Delivery Platform (EDP) is a cloud-native, hybrid platform designed to accelerate software product development by providing self-service capabilities for infrastructure, data, lifecycle management, and operations.
Mission

1- SecOps Tooling Engineering
* Design, build, and integrate security tools (SIEM, SOAR, EDR, vulnerability management, logging pipelines, UBA).
* Develop scalable data ingestion, correlation, and alerting workflows. Automate repetitive tasks (SOAR playbooks, scripts) to improve SOC efficiency.
* Coordinate with engineering teams to maintain SecOps workflows and platform reliability.
* Build an internal SecOps product for threat/vulnerability detection, integrating with observability and corporate SOC.

2- Incident Response (IR) Support
* Provide technical leadership during incidents (tooling behavior, data quality, engineering fixes).
* Enhance detection content (rules, dashboards, data models) based on incident patterns.
* Enable rapid IR instrumentation (log onboarding, custom tooling).

3- Detection Engineering
* Develop, test, and operationalize detection rules (Sigma, YARA, KQL) for evolving threats.
* Validate detections via adversary simulation, purple-teaming, or tuning.
* Maintain detection-as-code artifacts with version control and documentation.
Required profile

5+ years in security operations, engineering, or cloud security.

Must-have:
* SIEM/SOAR, EDR, log ingestion, scripting (Python/PowerShell/Go), cloud-native security.
* IaC, CI/CD, Kubernetes.
* Threat modeling, MITRE ATT&CK, detection engineering.
* Cloud logging/detection (GCP/AWS/Azure).
* Fluent English (C1+).

Preferred:
* Wazuh, OpenTelemetry, SOC experience (Tier 1-3).
* Security frameworks (ISO 27001, BSI), DFIR certs (CySA+, GIAC).
* Kubernetes security (CKS/CNCF).
Benefits

Daily rate: depending on the profile
Location: Berlin + 3/4 days working remotely
Start date: June 29