Improve (Services)
Senior Information Security Consultant
We are committed to equal opportunities and diversity. We therefore welcome all applications - regardless of nationality, religion/worldview, ethnicity and social origin, age, and sexual orientation and identity.
f/m/d
Diversity
ASAP
Starting
Full time
Working time
Berlin/Remote
Location
The Job
Does that get you up in the morning?
- As an experienced IT Security Consultant at DCSO, you will advise our clients (primarily corporate groups and upper medium-sized businesses) in at least one of the following three focus areas:
- IT Security Architecture
- Information Security Incident Management
- Identity & Access Management
- Independent preparation and implementation of presentations and workshops for / with our customers
- Identifying customer needs and supporting our sales team in the creation of custom-fit complex project offers
- If desired: appearance as a speaker on expert topics at DCSO events or within the DCSO customer community
- Travel < 10%
Skills
What we’re looking for*
The desired qualifications are based on the three focus areas listed below.
All three areas of focus, however, require the following qualifications across all positions:
- Structured and solution-oriented approach to work as well as strong communication skills and ability to work in a team
- Ability to grasp things quickly and willingness to develop personally
- Language skills:
German: C1 level
English: B2 level - Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage
*Courage to leave a gap: You don’t meet our requirements completely? We are still looking forward to your application!
The Job:
- Recording technical and organisational customer requirements
- Process and architecture consulting for the efficient integration of security-relevant systems
- Accompanying and advising customer projects in the IT security context in the role of a trusted advisor
- Carrying out requirements, capability and gap analyses in relation to technical security controls
- Support in project planning and project execution
- Travel activity < 10%
Skills:
- Many years of professional experience in IT, including several years in the upper mid-market or corporate environment
- Experience with the design of IT security architectures in medium-sized to large companies
- Basic understanding of the course of typical cyber attacks and suitable preventive measures
- Confident knowledge of German and English
- Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage
The Job:
- Supporting our customers in setting up or further developing a SOC/CSIRT
- Carrying out needs, capability and gap analyses in the context of Incident Detection & Response
- Derivation and conception of suitable measures
- Development of use cases for detection & response
- Identification of critical assets to establish detection capability
- Identification and communication of different response strategies and their consequences
- Advice on the (further) development of the security incident management process
- Definition of response procedures for typical incident situations
- Advice on integrating security incident management into the surrounding process landscape
- Communication at eye level with various stakeholders, including representatives of IT operations, IT providers, etc.
- Travel < 10%
Skills:
- Several years of professional experience in the field of information security incident management
- Deep understanding of the MITRE ATT&CK® framework
- solid expertise in setting up, improving or operating a SOC/CSIRT
- basic knowledge and understanding of IT service management principles and frameworks such as ITIL
- Solid knowledge of German and English
- Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage
The Job:
- Analysis, evaluation and consulting regarding implemented role and authorisation models in Active Directory / Azure AD.
- Recording and evaluation of existing concepts for the administration of IAM systems and corresponding advice
- Assessment of the compliance of implemented IAM concepts with regulatory requirements
- Analysis and evaluation of implemented privileged access management concepts
- Consulting on zero-trust application and network access concepts
- Consulting on secure integration of various on-premise and cloud-based applications in Azure AD
- Travel < 10%
Skills:
In-depth knowledge and several years of experience in Active Directory and Azure AD.
solid understanding of modern zero-trust and separation-of-duty concepts
basic cloud security knowledge
fundamental understanding of attack techniques directed against IAM concepts, especially in the area of lateral movement and privilege escalation
Confident knowledge of German and English
Relevant certifications, e.g. from ISACA, ISC2, ISO, GIAC, CSA are an advantage
We would like to increase the number of women in areas where they are underrepresented and are therefore particularly happy to receive applications from women. BIPOCs and people from the LGBTQIA+ community as well as people with a migration background are also strongly encouraged to apply. Applications from severely disabled people will be given preferential consideration in the context of equal suitability.
BENEFITS
Best Place to Work
-
Culture
International team
Company events
Close team atmosphere
Culture of trust
Openness and transparency -
Modern Work Environment
Trust-based flex time
Remote work
Part-time schedules
Ergonomic office equipment
Accessibility
"Bring-your-dog"
Sabbaticals -
Feel good
Fruit and vegetables
Diverse selection of drinks
Daily food allowance
Health care
Subsidy Urban Sports Club
Language courses with Babbel
voiio - Employee Wellbeing Plattform -
Financials
Market-competitive salary
30 days of vacation
Closed on 24th and 31st December
Employer-funded pension
Continuing education and conferences
Holiday-subsidy voluntary service
Subsidy BusinessBike
Subsidy "Deutschlandticket Job"
Shopping discount via Corporate Benefits
The JOB