Job title: 75% remote: Cloud Security Operations Engineer (f/m/d)
Payment interval: Hourly
Pay rate: Negotiable
Location: Frankfurt am Main, Remote
Job published: 21-05-2026
Job ID: 75072
Name: Dirk Gebhardt
Phone number: +494087709284
Email: dirk.gebhardt@nemensis.de

Job description

For our client we are looking for a Cloud Security Operations Engineer (f/m/d).
 
Start: 29.06.2026
Duration: 31.12.2026++
Capacity: 100%
Location: 75% Remote, 25% Frankfurt (occasionally, sometimes Berlin)
1 week Frankfurt / 3 weeks remote in rotation, up to 50% onsite in peak times
Language: English is a must (C1), German is a plus (C1)
 
Team:
Information Security, Risk and Compliance (ISRC) is a vital and independent function that focuses on embedding robust security and compliance practices throughout the product portfolio, platform management and architecture.
ISRC consults on designing and managing secure systems for the cloud platform by leading security design, threat modeling, and compliance initiatives to ensure a resilient architectural foundation.
ISRC also ensures security-related processes that enhance platform visibility and implements streamlined, effective security workflows for operational integrity. Additionally, ISRC consults with all product lines to integrate DevSecOps practices, emphasizing secure code analysis, supply chain security, and automated security testing to deliver robust, secure product development lifecycles.
 
Tasks:
- SecOps Tooling Engineering
- Incident Response activities
- Detection engineering
 
Skills (must-have):
- Engineering background with experience in SIEM/SOAR, EDR platforms, log ingestion, telemetry pipelines, scripting (Python, PowerShell, Go), and cloud-native security tooling
- Experience with infrastructure-as-code, CI/CD toolchains, and container orchestration platforms (Kubernetes)
- Experience with threat modelling, detection engineering frameworks, developing TTP matrices, and MITRE ATT&CK
- Experience creating architectural diagrams, interface specifications, and onboarding guidelines
- Experience in logging and detection solutions for cloud architecture
 
Skills (should-have):
- Experience with Wazuh
- Experience with observability platforms and OpenTelemetry
- Experience in SOC Analyst Tier 1-3 roles or understanding of security operations centers
- Experience in security frameworks (BSI, ISO 27001, MITRE ATT&CK, etc.)
- Experience with GCP or another public cloud provider
- Experience in related DFIR or blue team domains (CySA+, GIAC, GCIH, BTL)
- Experience in Kubernetes security (CKS or CNCF related)