Senior Security Engineer, Logging and SIEM Data Pipelines, Full-Time (f/m/d)

Your challenge

As part of a dedicated team, you will be responsible for designing, operating, and continuously improving the bank’s central logging and SIEM platform to ensure high availability, performance, and scalability for enterprise-wide data volumes. Your responsibilities will include:

• Design, development, and maintenance of telemetry and data pipelines to enable the transmission, enrichment, filtering, and multiple delivery of security and operational log data while maintaining cost efficiency
• Drive the development and implementation of SOAR workflows to accelerate incident response, automate repetitive tasks, and improve the efficiency of security operations
• The development and maintenance of service monitoring, detection rules, reports, and dashboards that provide actionable security intelligence to stakeholders across the organization
• Collaborate with security operations, IT infrastructure, and application teams to integrate new data sources, ensure data quality, and expand platform coverage—including early contributions to observability use cases
• Maintain technical documentation, including architectural descriptions, runbooks, data flow diagrams, and security parameters
• Coordinate the mitigation or resolution of security-related platform incidents with internal security stakeholders and external vendors
• Contributing to the development of architecture, standards, and best practices for the centralized logging and telemetry ecosystem
• Provision of second- and third-level engineering support, including participation in an on-call rotation

Your profile

You have the following qualities and skills:

• Highly proactive, solution-oriented, and results-driven, with strong abstract and conceptual thinking skills
• A structured and goal-oriented approach to work, with the ability to independently assess, prioritize, and solve complex tasks and challenges
• A creative problem-solver who challenges the status quo and proposes innovative solutions to existing problems
• A strong communicator who can translate technical complexity into clear instructions for platform users, stakeholders, and cross-functional teams

Requirements

You should meet the following requirements:

• At least 5 years of experience with in-depth knowledge of security engineering and monitoring of enterprise cloud infrastructures, including experience in developing detection rules, correlation queries, dashboards, and CIM-standardized data models
• Extensive experience in the design and operation of data pipelines and log routing infrastructures, ideally with Critbit Stream or similar telemetry pipeline tools
• Practical scripting and automation skills using one or more of the following: Python, Bash/Shell, JavaScript
• Work experience with Git, SQL, REST APIs, and regular expressions
• Solid understanding of SOAR platforms and security operations automation
• Experience with configuration management tools such as Ansible is a plus
• Fluent spoken and written English
• A good command of German is a must