Cybersecurity Operations Director leading cybersecurity managed services operations at a global accounting firm. Overseeing teams, driving growth, and serving as an advisor to clients.
About the role
- SecOps Engineer leading the design and operation of security controls at Libra. Working in a hybrid model and focusing on cloud security for legal AI products in Europe.
Responsibilities
- Own end-to-end security for internal and external traffic across Open Telekom Cloud (OTC) and Microsoft Azure, including network segmentation, mTLS, WAF, and IDS/IPS.
- Define and operate IAM and RBAC: role design, SSO/SCIM provisioning, least-privilege policies, and periodic access reviews across cloud, SaaS, and internal systems.
- Govern access to sensitive data and operational databases with policy-based controls, approval workflows, data masking, and query auditing.
- Implement and manage secrets and key management (e.g., vaulting, KMS/HSM), including rotation, revocation, and encryption standards.
- Build and operate audit logging and SIEM pipelines: log collection, correlation rules, alert tuning, dashboards, and on-call runbooks.
- Lead incident response readiness and execution: playbooks, tabletop exercises, forensics coordination, post-incident reviews, and continuous improvement.
- Drive vulnerability and patch management: integrate SCA/SAST/DAST into CI/CD, container/OS hardening, and remediation tracking.
- Secure endpoints, containers, and runtime systems using EDR, admission policies, baseline configurations, and sandboxing.
- Conduct security reviews and threat modeling for architecture changes, releases, and third-party integrations; ensure secure-by-default guardrails.
- Partner with DevOps and engineering to embed security controls into Terraform/Ansible, CI/CD pipelines, and the SDLC.
- Champion a security-first culture through clear standards, training, and pragmatic guidance.
Requirements
- Strong experience operating security controls in cloud environments, ideally Open Telekom Cloud (OTC) or OpenStack.
- Deep knowledge of IAM/RBAC, SSO/SCIM, and least-privilege access design.
- Proficiency in network and perimeter security (TLS/mTLS, WAF, IDS/IPS, VPN/Zero Trust).
- Hands-on experience with secrets and key management (Vault, KMS/HSM) and encryption best practices.
- Experience building and tuning SIEM, EDR, and log pipelines; strong detection engineering and incident response skills.
- Familiarity with vulnerability management and CI/CD security (SCA/SAST/DAST, container scanning) and system hardening (e.g., CIS benchmarks).
- Solid understanding of European data protection and security compliance (e.g., GDPR, ISO 27001/SOC 2) and how to operationalize controls.
- Excellent communication skills in English; German is a plus.
- Entrepreneurial mindset with a strong sense of urgency; self-starter who works independently while aligning to team goals.
Benefits
- Permanent employment from day one.
- Remote work & flexibility: Work remotely up to 3 days per week (home office) (= 8 days a month in the office) with flexible working hours.
- Work abroad flexibly: Work from anywhere within the EU for up to 20 days within a twelve-month period.
- Rest & time off: 26 vacation days.
- Show your commitment: 1 additional day off per year for your volunteer work (Volunteer Day).
- Support for development: E-learning via LinkedIn, online language training with goFluent, and other training and development opportunities.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
L2 SOC Analyst managing security incidents and responses at Keyloop, focusing on digital transformation in the automotive sector.
Security Operations Analyst responsible for developing security processes and incident response. Collaborating with multiple teams for security best practices in a hybrid work environment.
Security Manager leading IAM and SecOps at fintech solutions provider in Brazil. Developing and implementing information security programs aligned with best practices and compliance requirements.
Security Engineer enhancing cybersecurity tools and solutions for The Walt Disney Company. Performing system analyses and developing security configurations for improved protection against cyber threats.
Security Operations Lead responsible for security operations aligning with policies and compliance. Handling incident response, vulnerability management, and supporting IT teams with security expertise.
SOC L2 Analyst responsible for security monitoring and incident investigation. Analyzing escalated alerts, conducting correlation with SIEM, and executing response actions.
Cyber Security Specialist protecting digital estate from threats at the University of Edinburgh. Focused on identifying and mitigating cyber risks while supporting teaching and research services.
Lead Specialist in Security Operations, enhancing detection engineering and incident response at Pearson. Collaborate with teams and drive process improvements in a high - paced environment.
Cybersecurity Incident Response Analyst detecting and responding to cyber threats at NOV. Collaborating using AI tools to enhance cybersecurity operations across IT, cloud, and OT environments.