Security Incident Manager

Job type: Permanent
Town/City: Frankfurt
Region: Hessen
Sector: Cyber Security
Client Company Type: In-House
Job ref: 6916
Post Date: October 30, 2025

About the Role

Location: Frankfurt am Main - Hybrid

A role that inspires you

You will play a pivotal role in safeguarding critical ICT systems for a leading international organisation. In this strategic position, you will lead responses to major cyber incidents, strengthen incident management processes, and help shape the overall security posture of the organisation.

This is an opportunity to work at the intersection of technology, risk, and strategy — protecting vital operations while collaborating with experts across security, IT, and risk functions.

What you’ll be doing

You will:
• Lead and coordinate end-to-end responses to major security incidents, including detection, containment, eradication, recovery, and lessons learned.
• Serve as the central escalation point for incidents, ensuring clear communication between technical teams, management, and external stakeholders.
• Perform in-depth technical analysis of security events using SIEM, EDR, IDS/IPS, and threat intelligence tools.
• Support forensic investigations, root cause analyses, and vulnerability assessments.
• Develop and refine incident response playbooks, processes, and KPIs in line with ICT risk governance.
• Conduct post-incident reviews and share best practices to enhance security awareness across the organisation.
• Collaborate closely with risk management, compliance, and IT infrastructure teams to improve resilience and reduce risk exposure.

Your work will directly influence how the organisation detects, responds to, and recovers from cyber threats, ensuring business continuity and trust.

What you bring

You are an experienced cyber security professional who thrives in high-stakes environments:
• Degree in Computer Science, Information Security, or related field — or equivalent professional experience.
• Several years of hands-on experience in cyber security operations, incident response, or SOC/CSIRT functions.
• Strong technical knowledge of networks, operating systems, malware analysis, and modern attack techniques (e.g., APTs, ransomware).
• Familiarity with regulatory frameworks such as ISO 27001, NIST, BAIT, or DORA is advantageous.
• Exceptional problem-solving and decision-making skills under pressure.
• Excellent communication skills in English; German proficiency highly valued.
• Ability to operate effectively within a complex, international enterprise environment.

What’s on offer

• A strategic role at the heart of a leading international organisation.
• Competitive compensation with performance-based bonuses and attractive benefits.
• Hybrid working model offering flexibility and work-life balance.
• A culture of innovation, collaboration, and continuous professional development.
• Opportunities to work with cutting-edge security technologies and industry-leading experts.

About the opportunity

This position is being managed exclusively by MAM Gruppe, a specialist recruitment partner connecting world-class professionals with leading organisations across Europe.
All applications are handled with the strictest confidentiality.

More Jobs from this Recruiter

Stuttgart, Baden-Württemberg

Senior Threat Intelligence Specialist

Our client, a globally recognised technology and engineering group with operations, is seeking a Senior Threat Intelligence Specialist to join its Group Information Security function. You will lead the identification, analysis, and communication of advanced cyber threats targeting the group's global operations and supply chain, working closely with SOC, Incident Response, and stakeholders to ensure the organisation maintains a proactive, intelligence-driven security posture.

Key Responsibilities

• Lead the production of strategic, operational, and tactical threat intelligence products for a range of audiences, from technical security teams to C-level leadership.
• Identify and track advanced threat actors with a focus on threats relevant to manufacturing, OT/ICS environments, and global supply chains.
• Apply structured analytic frameworks to assess adversary TTPs and translate findings into actionable defensive recommendations.
• Drive intelligence collection from OSINT, commercial feeds, and sector ISACs; manage platform quality and relevance across tooling such as Recorded Future, MISP, or equivalent.
• Serve as a senior point of contact for threat intelligence across internal teams including SOC, Red Team, Vulnerability Management, and OT Security.
• Contribute to the development and maturity of the threat intelligence programme, including metrics, processes, and junior analyst development.

Key Requirements

• 8–12 years of cyber security experience
• Deep knowledge of APT groups and threat actors targeting critical industries, OT/ICS environments, and global supply chains.
• Proficiency with MITRE ATT&CK (including ICS matrix), structured analytic techniques, and threat intelligence platforms.
• Experience with operational technology (OT) security considerations and the distinct threat landscape facing industrial environments.
• Strong written and verbal communication skills in English; German language skills are highly desirable.
• Relevant certifications such as CREST CTIA, GIAC GCTI (FOR578), GICSP, or equivalent.
NRW, Nordrhein-Westfalen

Senior IAM Architect

Our client is a large international organisation seeking an Enterprise Security Architect to join their Group Information Security function, with a focus on Identity and Access Management. You will sit within the Security Architecture department, responsible for the domain-specific development and ongoing enhancement of a group-wide security architecture, with the goal of ensuring and continuously improving IT security and cyber resilience across the organisation.

Key Responsibilities:

• Analyse cybersecurity IAM trends relevant to the organisation, including regulatory developments and emerging technologies such as AI, Cloud and Non-Human Identities
• Produce IAM-specific risk assessments as part of technical security architecture design, covering cost, benefit and risk reduction
• Evaluate IAM threat scenarios and design high-level IAM security architectures, including standards, baselines and reusable artefacts such as patterns and blueprints
• Drive stakeholder alignment and steer solution design and implementation as subject matter expert, including presenting in group-wide security forums
• Assess IT security posture against best practices and provide actionable recommendations aligned to ISO and NIST frameworks

Your Profile:

• Degree in Computer Science or a comparable qualification
• Extensive experience in the Identity and Access Management domain, ideally including proven delivery of IAM architecture within large organisations
• Strong background in security architecture roles, covering both technology-specific and enterprise-level architecture including target state definition and roadmaps
• Hands-on experience with IAM platforms and tooling, ideally including:
  • IAM: Microsoft Entra ID / Active Directory, Ping Identity, Okta
  • PAM: CyberArk / BeyondTrust
  • IGA: SailPoint / Oracle OIG
  • Zero Trust: NIST 800-207
• Understanding of attacker mindset and offensive security; certifications such as OSCP, CEH or equivalent are advantageous
• Ability to work independently and take ownership of complex technical topics
• Strong problem-solving mindset with a structured, solution-oriented approach
• Fluent in English; German language skills are an advantage
Bavaria, Bayern

SOC Lead

Director SOC

Our client is a large international organisation seeking a senior leader for the newly created role of Director Security Operations. This is a central function responsible for overseeing and managing security vulnerabilities across the organisation's security landscape. You will be accountable for effective monitoring, detection and management of vulnerabilities across Cyber and Product Security, ensuring clear, organisation-wide visibility of threats and weaknesses to enable the relevant teams to act. The focus of this role is transparency, prioritisation and consistent follow-through — direct remediation and incident response are outside its scope.

Key Responsibilities:

• Drive the development of organisation-wide security monitoring and detection capabilities
• Lead the enterprise vulnerability management framework, ensuring systematic identification, prioritisation and tracking of vulnerabilities across IT, cloud and product environments
• Build and operate a new Product Security Testing Centre, establishing scalable services for vulnerability analysis and penetration testing
• Provide decision-relevant situational reporting for IT operational security, product security, system owners and senior leadership including the CISO
• Act as the escalation point for systemic or uncontrolled vulnerabilities, ensuring transparency and clear accountability

Your Profile:

• Proven experience leading functions in security monitoring, threat detection or vulnerability management
• Strong working knowledge of SIEM, vulnerability scanning and enterprise-scale testing platforms
• Experience independently leading an organisation-wide vulnerability management programme with the ability to prioritise on a risk basis
• Familiarity with product security testing, including penetration testing or fuzzing
• Track record of building scalable, repeatable operational processes with a focus on signal quality over tool proliferation