Senior Elastic Stack Content Engineer m/w/d

About Us

Operational Services (OS) is one of the leading ICT service providers in the German market and is considered the backbone of digitalization for the German Mittelstand. It is the leading, agile unit of the Telekom Group to sustainably accelerate digital transformation in the German Mittelstand. With over 1,000 highly qualified employees, it develops and operates state-of-the-art information systems, manages private and public cloud platforms, and ensures long-term 24/7 system support and the availability of critical operational processes.

Responsibilities

• Planning, project management, and execution of implementations and commissioning with a focus on Security, SIEM, and Observability.
• Analysis and resolution of problems, as well as error diagnosis in detection scenarios within SIEM systems (Content Engineering).
• Design, implementation, and optimization of detection scenarios in security analytics systems (such as Elastic SIEM).
• Leadership of complex orders and projects, including resource planning, steering, and coordination of collaboration with the SOC provider, steering a project team of Content Engineers, and ensuring technical and time-based goal achievement.
• Definition, initiation, and control of measures to ensure service levels, security standards, and customer satisfaction.
• Development of strategic concepts for the specification and development of extensive solutions and requirements, particularly in the area of detection scenarios and protection goals, as well as holistic detection concepts.
• Technical support or leadership in acquisition processes, including feasibility analyses.
• Active participation in the further development of the service and solution portfolio and the security solutions implemented at the customer's site, especially in the areas of Elastic Security, Observability, and Content Engineering.

Qualifications

• Master's or diploma degree in Computer Science, IT Security, or a comparable qualification - alternatively, corresponding, demonstrable professional experience.
• Minimum of seven years of professional experience, with at least five years in IT Security, in the areas of Threat Detection, Content Engineering, SOC, or similar.
• Experience with SIEM and/or XDR systems (Palo Alto, Elastic, SPLUNK, etc.).
• Very strong customer-oriented and entrepreneurial thinking, including collaboration with management and C-level.
• High analytical and conceptual competence, especially regarding attack techniques and defense measures in the cybersecurity environment.
• Certifications in IT Security or Elastic are an advantage.
• Very good German and English language skills, both written and spoken.

Benefits

• Germany-wide mobile working.
• Attractive salary package with profit sharing.
• 37 hours/week with working time accounts.
• Employer-funded further training and certifications.

An additional plus are our bicycle leasing, 30 days of vacation, subsidized Deutschlandticket, employer-funded pension plan, capital-forming benefits, group accident insurance for work and leisure, as well as employee discounts for many products of the Deutsche Telekom group.