SOC Lead

Job type: Permanent
Town/City: Mannheim
Region: Baden-Württemberg
Sector: Cyber Security
Client Company Type: In-House
Job ref: 9669
Post Date: June 4, 2026

About the Role

Ready to Build Something That Doesn't Exist Yet?

Most SOC roles ask you to maintain. This one asks you to create.

A global industrial technology business, over 175 years old and still innovating, has made cyber security a boardroom priority. They're building their CDC from the ground up, and they need a Lead who can architect the entire function: strategy, processes, automation, tooling, and a team of analysts to back it up.

This is a rare opportunity to put your name on something. No inherited processes. No legacy decisions to unpick. Just a clear mandate, executive backing, and the freedom to do it right.

What You'll Be Doing

You'll take end-to-end ownership of the CDC — defining how it operates, how it scales, and how it matures. Day to day, that means:

  • Designing and owning all CDC processes, SOPs, runbooks, and playbooks — building from scratch, not from a template
  • Leading an automation-first approach: implementing and continuously improving SOAR capabilities to cut manual workload and sharpen response times
  • Developing the CDC roadmap with a clear eye on regulatory requirements including NIS2 and ISO 27001
  • Acting as incident manager for critical events — staying strategic, not getting pulled into the weeds
  • Integrating OT security requirements into centralised monitoring alongside IT environments
  • Selecting, optimising, and managing the security technology stack — SIEM, SOAR, XDR
  • Leading, mentoring, and developing a team of 3–5 security analysts
  • Reporting CDC performance to senior leadership through meaningful KPIs (MTTD, MTTR)

The Company

You'll be joining a global industrial technology business with a 175-year track record of innovation. The organisation operates across IT and OT environments at scale — which means the security challenges here are genuinely complex, and the investment behind this function is real.

Cyber security has moved firmly onto the executive agenda. You'll have the organisational weight behind you to build this properly.

What You'll Need

  • Solid experience in a SOC, CDC, or Information Security leadership environment
  • A process-first mindset — you think in workflows, not just incidents
  • Hands-on experience with SOAR platforms and an instinct for automation
  • Familiarity with SIEM and XDR tooling
  • Working knowledge of relevant frameworks and standards — NIST, SANS, ISO/IEC 27001, NIS2
  • Experience leading and developing security analysts
  • Business-level German and strong English — you'll need both
  • Comfortable with on-call responsibilities and major incident availability

How to Apply

You can apply directly through this page, or reach out to the consultant listed in this advert if you'd prefer a conversation first.

Your CV doesn't need to be polished or up to date — send what you have. If this sounds like the right move, we'd rather hear from you early than not at all.

More Jobs from this Recruiter

Munich, Bayern

Security Analyst

Location: Munich

Our client is seeking a Security Analyst to support security testing and research activities across embedded and hardware-focused technology environments. This role focuses on vulnerability analysis, embedded software security and the evaluation of advanced security concepts within modern product ecosystems.

Key Responsibilities:

  • Perform security assessments and vulnerability analysis for embedded systems and connected devices.
  • Support hardware and software-focused security testing activities.
  • Contribute to security reviews, technical evaluations and risk assessments.
  • Assist with the development of security testing methods and analysis techniques.
  • Collaborate with international engineering and research teams on security-related initiatives.
  • Support internal knowledge sharing and technical consulting activities.
  • Evaluate emerging technologies and approaches related to embedded and product security.

Your Profile:

  • Degree in Computer Science, Engineering or a related technical field.
  • Experience within embedded systems, security testing or security research environments.
  • Understanding of embedded software, hardware security or cryptographic concepts.
  • Familiarity with vulnerability analysis and security assessment methodologies.
  • Experience with programming languages such as C, Java or low-level technologies would be advantageous.
  • Strong analytical and troubleshooting skills.
  • Collaborative and solution-oriented working style.
  • Fluent German and English language skills.

What’s on Offer?

  • Opportunity to work on advanced security and embedded technology topics.
  • International and collaborative working environment.
  • Flexible hybrid working model.
  • Long-term technical development opportunities.

Frankfurt, Hessen

Product Owner Cyber Hygiene

Vice Director Cyber Hygiene

Location: Frankfurt

Our client is seeking a Vice Director Cyber Hygiene to support the operational and strategic development of its cyber hygiene and vulnerability management function. This role focuses on vulnerability scanning, tooling integration and the coordination of security operations within a complex environment.

Key Responsibilities:

  • Oversee day-to-day cyber hygiene and vulnerability management activities.
  • Support vulnerability scanning operations and exposure management initiatives.
  • Coordinate the integration and optimisation of security tooling and platforms.
  • Collaborate with internal stakeholders on operational and security-related topics.
  • Support the implementation of strategic security initiatives across the function.
  • Contribute to operational governance, reporting and continuous improvement activities.
  • Assist with the development and scaling of security operations capabilities.

Your Profile:

  • Strong experience within vulnerability management or cyber hygiene environments.
  • Hands-on knowledge of Tenable One or comparable vulnerability management platforms.
  • Understanding of security operations, scanning technologies and exposure management.
  • Experience working within large or regulated environments would be advantageous.
  • Strong communication and stakeholder management skills.
  • Independent and solution-oriented working style.
  • Fluent German and English language skills.

What’s on Offer?

  • Senior position within an international security environment.
  • Exposure to large-scale cyber security and transformation initiatives.
  • Collaborative and modern working culture.
  • Long-term development and progression opportunities.

Hamburg, Hamburg

Global Incident Response Manager

Location: Hamburg

A global organisation is seeking a Global Incident Response Manager to lead its international cyber incident response function. This role offers broad responsibility across cyber resilience, crisis management and incident response operations within a fast-paced and highly visible environment.

Key Responsibilities:

  • Lead and further develop the global cyber incident response programme.
  • Coordinate and manage major cyber security incidents across international teams and business units.
  • Develop and maintain incident response playbooks, crisis procedures and testing programmes.
  • Support regulatory and legal notification requirements related to cyber incidents and data breaches.
  • Collaborate with IT, Legal, Compliance and executive leadership during live incidents.
  • Lead post-incident reviews and drive continuous improvement initiatives.
  • Manage external incident response providers, forensic partners and relevant stakeholders.
  • Support cyber resilience, business continuity and operational readiness initiatives.

Your Profile:

  • Significant experience within cyber incident response, cyber security operations or digital forensics.
  • Strong understanding of incident response frameworks and cyber threat landscapes.
  • Experience managing complex or large-scale cyber incidents.
  • Familiarity with regulatory requirements including DORA, NIS2 and GDPR.
  • Strong leadership, stakeholder management and communication skills.
  • Calm and structured approach within high-pressure environments.
  • Fluent German and strong English language skills.

What’s on Offer?

  • International and high-impact leadership role.
  • Broad exposure to cyber resilience and crisis management topics.
  • Collaborative and well-resourced security environment.
  • Flexible hybrid working model.
  • Competitive compensation and long-term development opportunities.
