Security Engineer (m/w/d)

Zeitraum: 01.07.2026 - 30.08.2029

Auslastung: 200 Stunden

Lokation: 100% Remote

Tasks

• Review existing documentation and implementation (Grafana dashboards, Loki queries, alerts) for their ability to detect relevant security threats and anomalies.
• Assess log coverage and completeness
• Review current alert thresholds and logic for false positives or blind spots.
• Provide structured feedback on security aspects of the product architecture & implementation, potential risks and recommending improvements to strengthen the overall security. Ensuring alignment with security best practices and compliance requirements.
• Propose new alerts and detection rules aligned with best practices
• Identify unnecessary or redundant alerts that can be retired.
• Recommend improvements to logging structure, retention, and enrichment where needed.
• Develop clear documentation describing what each alert means and how to respond.
• Create or improve runbooks for security events.

Requirements

• Strong background in security topics around Kubernetes, Keycloak, Linux, PostgreSQL etc .
• Experience with Grafana, and Loki for observability and alerting
• Experience building or tuning alerting systems for security detection (SIEM, IDS, or custom setups).
• Profound knowledge of securtity requirements and regulations in the banking domain.
• Understanding of log analysis, anomaly detection, and incident response processes.
• Experience with Open Source SIEM tools (e.g., Wazuh, Security Onion, ELK Stack).
• Familiarity with DevSecOps pipelines and Kubernetes admission controls.
• Ability to identify and explain relevant indicators of compromise (IOCs) and threat patterns.
• Strong analytical and documentation skills.
• Ability to communicate technical findings to non-security or operations staff.
• Proactive, collaborative approach to improving systems and processes.