Wolters Kluwer

Senior SecOps Engineer – Legal AI Assistant

Wolters Kluwer

full-time

Posted on:

Location Type: Hybrid

Location: BerlinGermany

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AnsibleAzureCloudOpenStackSDLCTerraformVault

About the role

  • Own end-to-end security for internal and external traffic across Open Telekom Cloud (OTC) and Microsoft Azure, including network segmentation, mTLS, WAF, and IDS/IPS.
  • Define and operate IAM and RBAC: role design, SSO/SCIM provisioning, least-privilege policies, and periodic access reviews across cloud, SaaS, and internal systems.
  • Govern access to sensitive data and operational databases with policy-based controls, approval workflows, data masking, and query auditing.
  • Implement and manage secrets and key management (e.g., vaulting, KMS/HSM), including rotation, revocation, and encryption standards.
  • Build and operate audit logging and SIEM pipelines: log collection, correlation rules, alert tuning, dashboards, and on-call runbooks.
  • Lead incident response readiness and execution: playbooks, tabletop exercises, forensics coordination, post-incident reviews, and continuous improvement.
  • Drive vulnerability and patch management: integrate SCA/SAST/DAST into CI/CD, container/OS hardening, and remediation tracking.
  • Secure endpoints, containers, and runtime systems using EDR, admission policies, baseline configurations, and sandboxing.
  • Conduct security reviews and threat modeling for architecture changes, releases, and third-party integrations; ensure secure-by-default guardrails.
  • Partner with DevOps and engineering to embed security controls into Terraform/Ansible, CI/CD pipelines, and the SDLC.
  • Champion a security-first culture through clear standards, training, and pragmatic guidance.

Requirements

  • Strong experience operating security controls in cloud environments, ideally Open Telekom Cloud (OTC) or OpenStack.
  • Deep knowledge of IAM/RBAC, SSO/SCIM, and least-privilege access design.
  • Proficiency in network and perimeter security (TLS/mTLS, WAF, IDS/IPS, VPN/Zero Trust).
  • Hands-on experience with secrets and key management (Vault, KMS/HSM) and encryption best practices.
  • Experience building and tuning SIEM, EDR, and log pipelines; strong detection engineering and incident response skills.
  • Familiarity with vulnerability management and CI/CD security (SCA/SAST/DAST, container scanning) and system hardening (e.g., CIS benchmarks).
  • Solid understanding of European data protection and security compliance (e.g., GDPR, ISO 27001/SOC 2) and how to operationalize controls.
  • Excellent communication skills in English; German is a plus.
  • Entrepreneurial mindset with a strong sense of urgency; self-starter who works independently while aligning to team goals.
Benefits
  • 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
security controlsIAMRBACSSOSCIMnetwork securityperimeter securitysecrets managementencryptionvulnerability management
Soft Skills
communicationentrepreneurial mindsetself-starterurgencyindependent workteam alignment
Certifications
GDPRISO 27001SOC 2