Job Drop Berlin: Your Way into Berlin Tech

Senior SOC Engineer

N26
Seniority: Senior
Model: Hybrid
Sector: Fintech
Salary: Undisclosed
Contract: Full-Time

About the role

We are seeking a Senior / Lead SOC Platform Engineer to own and evolve cloud-based logging and automation platforms that power our Security Operations Center. You will lead initiatives that strengthen visibility, automation, and detection capabilities across the organization while designing scalable AWS logging pipelines and managing ingestion into Google SecOps.

What you'll do

  • Lead SOC engineering initiatives including automation, SIEM-IT Service Management integration, and threat framework mapping adoption
  • Own data ingestion workflows for the SIEM system and ensure high-quality, reliable telemetry
  • Support and integrate deceptive security technologies and participate in purple team exercises
  • Collaborate with detection engineering, incident response, cloud teams, and security leadership to improve platform reliability

What you'll need

  • 5+ years of experience in SOC engineering, security engineering, cloud engineering, or platform engineering
  • Proven experience designing and operating large-scale logging pipelines in cloud environments
  • Strong understanding of SOC operations, detection workflows, and modern telemetry requirements
  • Deep hands-on experience with AWS services (S3, IAM, Lambda, Kinesis, CloudWatch, Step Functions, Glue, Athena, Glacier)
  • Expertise with SIEM ingestion pipelines, ideally Google SecOps (Chronicle) with S3 ingestion
  • Strong understanding of log structures (JSON, CloudTrail, VPC Flow Logs, Syslog) and schema normalization
  • Proficiency with Infrastructure as Code (Terraform preferred)
  • Strong scripting/programming skills (Python, Bash)
  • Experience automating data validation, log onboarding, and pipeline health checks
  • Familiarity with MITRE ATT&CK mapping workflows using Navigator

Nice to have

  • Google SecOps (Chronicle) engineering experience
  • Experience implementing automation for next-generation or Agentic SOC capabilities
  • Experience with deception frameworks (Canary, Thinkst, IllusionBLACK)

What they offer

  • Competitive personal development budget and work from home budget
  • Discounts to fitness & wellness memberships, language apps and public transportation
  • Premium N26 bank account subscription plus subscriptions for friends and family
  • Additional day of annual leave for each year of service
  • High degree of autonomy and access to cutting edge technologies
  • Relocation package with visa support for those who need it