Overslaan naar content
English

IT Security Operations Engineer

  • On-site, Hybrid
    • Dusseldorf, Nordrhein-Westfalen, Germany
  • Risk

Job description

The Cybersecurity Operations Lead will ensure the secure configuration and operation of our IT and cloud environments. This role spans across on-premise infrastructure, Windows/Linux endpoints, and cloud platforms (IaaS, PaaS, SaaS) such as Salesforce, Azure, and Microsoft 365, including identity services and end-user devices.

As the primary point of contact for security-related matters, the person will manage our external SOC, oversee patch and vulnerability management, coordinate penetration tests, and lead the operation of the Microsoft Defender XDR suite including Sentinel. It will also play a key role in incident handling and serve as deputy to the Security Manager in their absence.

Role and Responsibilities

  • You will be responsible for balancing day to day activities and projects, including the following:

  • Oversee the secure configuration and operation of on-premises systems, endpoints, and cloud environments, including platforms such as Microsoft Azure, Microsoft 365 and Salesforce.

  • Act as the primary point of contact for all internal and external security-related inquiries.

  • Manage and coordinate with the external Security Operations Center ensuring comprehensive monitoring and timely response to potential threats.

  • Support the Security Management team in the development, validation, and ongoing improvement of security playbooks, ensuring processes remain up to date with evolving threats.

  • Take an active role in incident response efforts, leading the detection, investigation, and remediation of security incidents. For example, this includes organising post-incident reviews and reporting on root-cause analysis.

  • Lead patch management processes, ensuring that critical vulnerabilities are identified and remediated within agreed service-level timelines.

  • Manage externally conducted penetration testing activities, including planning, oversight, and tracking remediation of findings to closure.

  • Administer and operate the Microsoft Defender XDR suite, including Microsoft Sentinel, to maintain effective threat detection and response capabilities.

  • Provide security expertise and guidance to IT and business teams, and act as a deputy for the Security Manager when required.

  • Collaborate with IT and business units to drive ongoing security awareness initiatives and continuous improvement of security processes, fostering a culture of proactive risk management across the organisation.

    Key Relationships

    Stakeholders who will form part of your essential Network

  • External: External SOC and security solution providers, auditors

  • Internal: IT Security Management, IT Engineering and Applications

Knowledge, Skills & Experience

  • The technical requirements to do the job and the qualities we value in all our people

  • With previous experience as an IT Operations lead or Engineer (ideally 5 years of relevant experience), together with:

  • Extensive experience in cybersecurity operations, preferably in a senior or lead position, demonstrating hands-on technical proficiency and leadership.

  • Deep understanding of endpoint security for both Windows and Linux environments, coupled with expertise in securing cloud platforms such as Azure, M365, and Salesforce, as well as traditional on-premise infrastructure and networks.

  • Proven skills in administering Microsoft Defender XDR and Sentinel to ensure robust threat detection and response.

  • Comprehensive knowledge of incident response processes and the development of practical, effective playbooks.

  • Strong background in coordinating with external SOC teams and overseeing penetration testing engagements, from planning through to closure of findings.

  • Excellent interpersonal and communication skills, with a track record of acting as a trusted advisor to both technical and non-technical stakeholders.

  • A Flexible and collaborative mindset and the ability to foster productive relationships across IT, business, and leadership teams, supporting a proactive and security-aware culture.

  • Certifications such as CISSP, CISM, GIAC, AZ-500, or MS-500.

  • Experience working with compliance and security frameworks (e.g., ISO 27001, NIST, GDPR).

Core Values

  • Respect: Treat others the way they would like to be treated.

  • Truth: Honest and open always, learning from successes & mistakes.

  • Collaborate: Making us smarter and better as one team.

  • Care: About tcc, our future, our colleagues, our clients, our community.

or

Privacy policy