Lead security operations activities across cloud, infrastructure, endpoints, and SaaS platforms.
Act as the primary escalation point for high-impact and complex security incidents.
Own incident classification, response coordination, regulatory notifications, and post-incident reporting in line with DORA and NIS2 requirements.
Ensure incident detection, investigation, and resolution meet EU regulatory reporting timelines.
Enhance the vulnerability management framework by improving triage processes, implementing risk-based prioritization, and tracking remediation progress.
Strengthen reporting and metrics to align with European regulatory expectations and operational resilience objectives.
Drive vulnerability remediation programs in collaboration with IT and engineering teams.
Improve threat and attack visibility through centralized logging, monitoring, and detection capabilities.
Provide strategic oversight of SIEM, EDR/XDR, MDM, IAM, and related security tooling.
Lead threat intelligence activities and assess threats through a European regulatory and risk-based lens.
Strengthen cloud security controls within AWS environments using best practices and native services.
Oversee and optimize the use of AWS security services such as CloudTrail, CloudWatch, GuardDuty, Security Hub, and IAM.
Partner with IT and engineering teams to embed security-by-design principles across systems and applications.
Drive security initiatives including data loss prevention (DLP), penetration testing, and security tool optimization.
Support security architecture reviews to ensure resilience, scalability, and regulatory alignment.
Lead information security awareness initiatives, including phishing simulations and employee training programs.
Contribute to governance, risk, and compliance efforts across frameworks such as ISO 27001, DORA, and NIS2.
Support internal and external security audits and regulatory examinations.
Translate regulatory requirements into actionable security operations and controls.

Requirements

8 years of experience
Strong experience with AWS security services (CloudTrail, CloudWatch, GuardDuty, Security Hub, IAM)
Proven background in SOC or security operations with hands-on SIEM and EDR/XDR experience
Accountable incident lead experience for EU-regulated security incidents
Hands-on experience managing DORA and NIS2 incident response requirements
Experience supporting EU regulatory audits, including ISO 27001
Ability to convert regulatory obligations into practical, operational security controls
Experience with threat intelligence and frameworks such as MITRE ATT&CK
Undergraduate or Postgraduate degree in any discipline
German language proficiency (Nice-to-Have)
Experience interacting directly with European regulators or supervisory authorities (Nice-to-Have)

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident responsevulnerability managementthreat intelligencesecurity operationsdata loss preventionpenetration testingregulatory complianceincident classificationrisk-based prioritizationsecurity architecture

Soft Skills

leadershipcommunicationcollaborationstrategic oversightincident managementtrainingproblem-solvingaccountabilityorganizational skillsadaptability

Certifications

ISO 27001