
Staff Security Engineer, CSIRT

Germany, Berlin · Job Posted July 02, 2026

Job Description

As a Staff Security Engineer within our CSIRT Team, you will be accountable for leading our most critical, complex, and high-impact security incidents end-to-end across a global, high-transaction food delivery and quick-commerce platform handling millions of daily orders. As a business spanning logistics, e-commerce, and FinTech, our environment is highly regulated. In this role, you will navigate the complexities of global compliance frameworks while ensuring rapid, effective incident mitigation. You will operate at the intersection of a hands-on technical practitioner and a strategic leader, making high-consequence decisions during times of ambiguity. We are looking for someone with a strong 'builder mindset'. You don't just respond to security incidents; you approach operational bottlenecks as engineering problems. You will build systems, develop custom tooling, and architect automated workflows to relentlessly eliminate manual toil and scale our response capabilities, ultimately setting the standard for engineering excellence and fostering a security mindset across the organization.

Job Responsibility

  • Incident Commander: Serve as the single accountable leader during active responses for high-severity incidents, directing investigative focus from detection through recovery while maintaining a calm and decisive demeanor under pressure
  • Post-Incident Reviews & Remediation: Lead blameless post-incident reviews to ensure continuous improvement, durable engineering solutions, and systemic resilience
  • Stakeholder Communication: Serve as the primary interface to stakeholders during critical security incidents, translating complex technical realities into clear risk, impact, and decision frameworks
  • Engineering-Led Response & Automation: Design and develop in-house solutions, automated workflows, and scalable systems to eliminate repetitive processes, reduce triage time, and continuously improve the overall quality and efficiency of our security incident response operations
  • Mentorship & Leadership: Act as a hands-on technical leader and role model, actively mentoring teams and individuals within your domain
  • Metrics & Strategic Visibility: Have a data-driven, strategic mindset to define, track, and improve core operational metrics (MTTD, MTTR) to identify systemic gaps and propose strategic, long-term security investments
  • Organizational Readiness & Tabletop Exercises: Proactively design and facilitate complex, realistic tabletop simulations and purple team engagements
  • On-Call: Participate in a predictable on-call rotation as an Incident Responder

Requirements

  • 7+ years of broad cybersecurity experience with a deep understanding of core security fundamentals, coupled with 5+ years of dedicated experience in a SOC or CSIRT environment
  • Proven track record acting as a Security Incident Commander
  • Mastery of the full incident lifecycle and hands-on playbook creation for complex, high-availability hybrid-cloud environments, distributed microservices, and platforms processing vast amounts of PII and payment data
  • Operational expertise with SIEM, EDR, Cloud Security platforms, SOAR, and WAF/DDoS protection solutions
  • Advanced proficiency in writing production-quality code (e.g., Python, Go, Rust) to build scalable in-house solutions
  • Hands-on experience securing and responding to incidents across public cloud platforms (AWS, GCP) and cloud-native technologies like Kubernetes, Docker, and Infrastructure-as-Code (e.g., Terraform)
  • Familiarity with Git/GitHub usage, CI/CD systems, and modern SecOps workflows
  • An exceptional communicator with the ability to influence cross-functional stakeholders

Nice to have

  • Digital forensics skills and hands-on experience integrating Threat Intelligence to anticipate attacks and proactively hunt for threats
  • Proven skills in static and dynamic (runtime) malware analysis, reverse engineering, and analyzing malicious payloads within isolated sandbox environments
  • Strong background in Web and Mobile application security, understanding complex API architectures, modern authentication frameworks, and defending against high-volume automated attacks (e.g., credential stuffing, scraping)
  • Experience integrating AI/LLM capabilities and MCP (Model Context Protocol) usage into Incident Response for automated evidence summarization, data enrichment, or investigation
  • Deep operational understanding of global cybersecurity and privacy frameworks (e.g., PCI-DSS, GDPR, NIS2, DORA, MAS TRM)
  • Active or in-progress industry-recognized technical certifications focused on incident handling, forensics, or offensive security (e.g., GIAC GCIH/GCFA/GCIA, CISSP, OSCP)

What we offer

  • Hybrid working model
  • 27 days holiday
  • 1.000 € Educational Budget
  • Language Courses
  • Parental Support
  • Access to the Udemy Business platform
  • Health Checkups
  • Mindfulness and Gym & Bicycle Subsidy
  • Digital Meal Vouchers
  • Food Vouchers
  • Corporate Discounts
  • Access to Internal Housing Hub
