Detection Engineer
x-tention Informationstechnologie GmbH
Graz · Hybrid Mid Level €4k – €5k/mo 3d ago
About the role
Ready to secure the future of healthcare cybersecurity? Join securITe and work on cutting‑edge detection engineering for healthcare IT.
Responsibilities
- Detection Engineering – develop, optimise and continuously monitor detection rules to cover current threats, focusing on high detection quality and reduction of false positives using threat intelligence, incident learnings and MITRE ATT&CK.
- Detection‑as‑Code & Automation – advance a detection‑as‑code approach for scalable management of detection content and automate deployments of rules and dashboards with Python, APIs, Git and CI/CD.
- SIEM Content Engineering – standardise, normalise and evolve log data, map to ECS and ensure high data quality through parsing, enrichment and coverage analyses.
- Cross‑Platform Detection – create portable detection use cases and abstract detection logic for cross‑platform use.
- Collaboration – work closely with SOC, Incident Response, Consulting and Engineering teams to continuously improve detection capabilities.
- Quality & Development – continuously analyse existing detection content and evaluate new attack techniques and threats.
Requirements
- Completed technical education (HTL, FH, university) or comparable qualification with several years of experience in security engineering, detection engineering or security operations.
- Hands‑on experience with Elastic Security or comparable SIEM/security‑analytics platforms in production environments.
- Experience developing and optimising detection rules; solid knowledge of KQL, Lucene or EQL and log analysis.
- Experience integrating, normalising and analysing log data from diverse sources (Windows, Linux, network, cloud, applications).
- Strong understanding of modern detection and monitoring concepts, threat models and frameworks such as MITRE ATT&CK.
- Automation, scripting and integration skills (e.g., Python, APIs, Git, CI/CD); ideally knowledge of detection‑as‑code or infrastructure‑as‑code.
- Confident Linux usage; preferably experience with container technologies.
- Analytical, structured, solution‑oriented work style and excellent communication skills in German and English.
Benefits
- Comprehensive onboarding – structured onboarding, Welcome Day and a mentor (Patin/Pate) to help you feel at home from day 1.
- Training & development – individual training, seminars and workshops to keep you up‑to‑date with healthcare‑IT trends.
- Flexible working – hybrid model with generous flex‑time to adapt work to your needs.
- Regular events – summer parties, Christmas celebrations and team events to get to know colleagues in a relaxed setting.
- Health & fitness – discounted fitness‑membership, “Lease my Bike” option, and free fruit & drinks at many locations.
- Referral bonus – receive a bonus and extra vacation days when you refer a candidate who joins the company.
- Employee volunteering – paid time off for volunteering with organisations such as fire brigades, Red Cross, Caritas, etc.
- Salary – gross monthly salary according to the collective agreement ranges from €4,000 to €5,200, with adjustments based on qualification and experience.
Skills
API, CI/CD, Containerization, Detection-as-Code, Elastic Security, EQL, Git, Infrastructure-as-Code, KQL, Linux, Log analysis, Lucene, MITRE ATT&CK, Monitoring, Network, Python, Security Analytics, Security Engineering, Security Operations, SIEM, Threat Intelligence