Security Operation Engineer - Da Vinci Engineering GmbH

Key Responsibilities

• Operate and maintain SIEM platforms, ingesting logs from diverse sources and correlating events to detect anomalous activity.
• Lead incident response efforts, conducting root‑cause analysis, containment, eradication, and post‑mortem documentation.
• Develop and refine automated playbooks using Python and shell scripting to accelerate detection and response workflows.
• Collaborate with threat intelligence teams to enrich alerts and update detection rules.
• Monitor cloud (AWS) environments, ensuring security best practices and compliance with internal policies.
• Provide actionable security metrics and dashboards to senior stakeholders.

Requirements

• 3+ years of experience in security operations or SOC roles.
• Proficiency with SIEM solutions (e.g., Splunk, QRadar, ELK) and log management.
• Strong scripting skills in Python and Bash; experience with automation frameworks.
• Solid understanding of Linux system hardening, network security, and cloud security (AWS).
• Excellent analytical, communication, and problem‑solving abilities.