Improve (Services)

Senior Information Security Consultant

We are committed to equal opportunities and diversity. We therefore welcome all applications - regardless of nationality, religion/worldview, ethnicity and social origin, age, and sexual orientation and identity.

f/m/d

Diversity

ASAP

Starting

Full time

Working time

Berlin/Remote

Location

The Job

Does that get you up in the morning?

  • As an experienced IT Security Consultant at DCSO, you will advise our clients (primarily corporate groups and upper medium-sized businesses) in at least one of the following three focus areas:

 

  • IT Security Architecture
  • Information Security Incident Management
  • Identity & Access Management

 

  • Independent preparation and implementation of presentations and workshops for / with our customers
  • Identifying customer needs and supporting our sales team in the creation of custom-fit complex project offers
  • If desired: appearance as a speaker on expert topics at DCSO events or within the DCSO customer community
  • Travel < 10%

Skills

What we’re looking for*

The desired qualifications are based on the three focus areas listed below.

All three areas of focus, however, require the following qualifications across all positions:

  • Structured and solution-oriented approach to work as well as strong communication skills and ability to work in a team
  • Ability to grasp things quickly and willingness to develop personally
  • Language skills:
    German: C1 level
    English: B2 level
  • Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage

*Courage to leave a gap: You don’t meet our requirements completely? We are still looking forward to your application!

The Job:

  • Recording technical and organisational customer requirements
  • Process and architecture consulting for the efficient integration of security-relevant systems
  • Accompanying and advising customer projects in the IT security context in the role of a trusted advisor
  • Carrying out requirements, capability and gap analyses in relation to technical security controls
  • Support in project planning and project execution
  • Travel activity < 10%

Skills: 

  • Many years of professional experience in IT, including several years in the upper mid-market or corporate environment
  • Experience with the design of IT security architectures in medium-sized to large companies
  • Basic understanding of the course of typical cyber attacks and suitable preventive measures
  • Confident knowledge of German and English
  • Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage

The Job:

  • Supporting our customers in setting up or further developing a SOC/CSIRT
  • Carrying out needs, capability and gap analyses in the context of Incident Detection & Response
  • Derivation and conception of suitable measures
  • Development of use cases for detection & response
  • Identification of critical assets to establish detection capability
  • Identification and communication of different response strategies and their consequences
  • Advice on the (further) development of the security incident management process
  • Definition of response procedures for typical incident situations
  • Advice on integrating security incident management into the surrounding process landscape
  • Communication at eye level with various stakeholders, including representatives of IT operations, IT providers, etc.
  • Travel < 10%

Skills: 

  • Several years of professional experience in the field of information security incident management
  • Deep understanding of the MITRE ATT&CK® framework
  • solid expertise in setting up, improving or operating a SOC/CSIRT
  • basic knowledge and understanding of IT service management principles and frameworks such as ITIL
  • Solid knowledge of German and English
  • Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage

The Job:

  • Analysis, evaluation and consulting regarding implemented role and authorisation models in Active Directory / Azure AD.
  • Recording and evaluation of existing concepts for the administration of IAM systems and corresponding advice
  • Assessment of the compliance of implemented IAM concepts with regulatory requirements
  • Analysis and evaluation of implemented privileged access management concepts
  • Consulting on zero-trust application and network access concepts
  • Consulting on secure integration of various on-premise and cloud-based applications in Azure AD
  • Travel < 10%

Skills:

In-depth knowledge and several years of experience in Active Directory and Azure AD.
solid understanding of modern zero-trust and separation-of-duty concepts
basic cloud security knowledge
fundamental understanding of attack techniques directed against IAM concepts, especially in the area of lateral movement and privilege escalation
Confident knowledge of German and English
Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage

We would like to increase the number of women in areas where they are underrepresented and are therefore particularly happy to receive applications from women. BIPOCs and people from the LGBTQIA+ community as well as people with a migration background are also strongly encouraged to apply. Applications from severely disabled people will be given preferential consideration in the context of equal suitability.

BENEFITS

Best Place to Work

  • Culture

    International team
    Company events
    Close team atmosphere
    Culture of trust
    Openness and transparency

  • Modern Work Environment

    Trust-based flex time
    Remote work
    Part-time schedules
    Ergonomic office equipment
    Accessibility
    "Bring-your-dog"
    Sabbaticals

  • Feel good

    Fruit and vegetables
    Diverse selection of drinks
    Daily food allowance
    Health care
    Subsidy Urban Sports Club
    Language courses with Babbel
    voiio - Employee Wellbeing Plattform

  • Financials

    Market-competitive salary
    30 days of vacation
    Closed on 24th and 31st December
    Employer-funded pension
    Continuing education and conferences
    Holiday-subsidy voluntary service
    Subsidy BusinessBike
    Subsidy "Deutschlandticket Job"
    Shopping discount via Corporate Benefits