SOC Engineer (m/w/d)
abtis GmbH
Job Summary
As a SOC Engineer, you will design, operate, and integrate the Security Operations Center (SOC) infrastructure, working with components such as SIEM (e.g., Microsoft Sentinel), SOAR, EDR/NDR, and IDS/IPS, and you will be responsible for keeping that infrastructure highly available and its log data intact.

A core part of the role is automation: SOC workflows, detection rules, and playbooks are developed, versioned, and deployed through CI/CD pipelines and Infrastructure as Code, for example Bicep for the Azure resources and GitHub Actions for the pipelines. You will also develop and maintain detection use cases mapped to MITRE ATT&CK, support threat hunting, and integrate threat intelligence feeds using platforms such as MISP, TAXII, or OpenCTI.

The position follows a DevSecOps approach, which means structured documentation, versioning, and test automation for everything the team builds, along with close collaboration with other teams. The ideal candidate has practical experience with PowerShell or Python, is comfortable with REST APIs, and has basic knowledge of query languages such as KQL or SQL.
Required Skills
Education
- Not specified
Experience
- Practical experience with PowerShell or Python and REST APIs
- Experience with versioning using Git
Languages
- Not specified
Additional
- Not specified