Lead Security Engineer (m/f/d)

We are seeking a skilled Lead Security Engineer to join our team and play a key role in safeguarding our organization from cyber threats while ensuring the operational uptime of our customer-facing and internal IT Security platforms.

In this role, you will lead the day-to-day operations of the Security Engineering team, continually enhancing our capabilities in cyber security protection, mitigation, and control. The team is responsible for the deployment, management, and ongoing improvement of our IT security solutions, ensuring the integrity, confidentiality, and availability of our systems and data. You will also ensure our security solutions align with industry best practices and fulfil Thinkproject’s compliance obligations across all platforms.

The Lead Security Engineer will lead and mentor a team, driving a coordinated and strategic response to both emerging and ongoing threats. They will also ensure that the organization's cyber security controls, solutions and platforms are maintained in alignment with service level agreements (SLAs) for both customers and internal stakeholders.

The ideal candidate will have extensive experience working within a Security Engineering team and possess hands-on expertise in implementing, configuring, and managing solutions for security logging, monitoring, threat detection, vulnerability management, endpoint protection, and infrastructure security.

The candidate should bring leadership and mentoring capabilities, providing oversight and expert guidance to other security engineers while promoting a positive culture of continuous improvement.

The Lead Security Engineer will also be responsible for monitoring the health of Thinkproject's IT security infrastructure, responding to health-related events.

This role sits within the Product Operations and Corporate IT branch, reporting to the Director of Cyber Security and Networking, and operates as part of the broader Cyber Security, Network Engineering, and Operations team.

· Lead the daily operations of the Security Engineering team, ensuring effective management of incidents, requests, problems, and projects related to the IT security infrastructure, solutions and controls maintained by the team.
· Support the Security Operations Team with Investigation and response to security events and incidents, ensuring timely identification, containment, eradication, and recovery. Assist with development of event response procedures and playbooks
· Support the Central IT functions with Investigation and response to IT events and incidents, ensuring timely identification, containment, eradication, and recovery.
· Arrange and oversee frequent penetration tests of our solutions, ensuring they are conducted successfully and without impacting service.
· Ensure all security engineering operations are conducted in compliance with relevant regulatory requirements, industry standards, and internal policies. Assist in the preparation and maintenance of audit and compliance documentation.
· Manage the output of security issues from cyber security assessment tools, coordinating with key stakeholders to ensure timely mitigation and remediation of identified issues and threats.
· Contribute to the ongoing maturation of the Security Engineering team by introducing new solutions to enhance departmental operations and improve cybersecurity coverage.
· Oversee the day-to-day management of a comprehensive suite of security products and tools, including (but not limited to): Web Application Firewalls (WAF), Endpoint Detection and Response (EDR), Remote Access and Zero Trust solutions, Patch Management solutions, Vulnerability and Penetration Testing solutions, Threat Response solutions, Cloud Security Posture Management, Application Security Posture Management, Cyber Security Awareness Training, Email Security Gateways, Privileged Access Management, Software Composition Analysis, Static Code Analysis, Password Management, Public and Private PKI, SIEM, Identity Management, Dark/Deep Web Monitoring, Asset and Endpoint Management, and Data Classification/Data Loss Prevention (DLP) solutions.
· Ensure that deployed security controls and solutions consistently generate valuable and actionable alerts to support the Security Operations Centre (SOC), including regular tuning to minimize false positives and effective integration with SIEM and other monitoring systems.
· Assist in the development and management of the IT Security budget, providing input on resource planning, tooling requirements, training needs, and operational costs. Collaborate with leadership to ensure the budget aligns with strategic objectives and supports the ongoing growth and maturity of the SOC function
· Mentor and guide security engineers, fostering a positive culture of continuous improvement. Coordinate the team to ensure an effective and consistent response to both emerging and ongoing threats.
· Conduct daily, weekly, and monthly stand-up meetings with internal teams and the wider engineering and operations groups to ensure effective coordination and alignment on current and upcoming deliverables and objectives.
· Respond to security issues, vulnerabilities, and threats escalated to the Security Engineering team, and assist in resolving them using tools and solutions managed by the IT Security team.
· Assist with the management of Microsoft 365 platforms and solutions, ensuring optimal configuration to maintain confidentiality, integrity, and availability for our business operations
· Assist with the management of Cloud Hosting platforms and solutions, ensuring optimal configuration to maintain confidentiality, integrity, and availability for our business operations
· Ensure projects involving the Security Engineering team are effectively managed and delivered on schedule, with coordinated use of resources both within and outside the team.
· Work independently and coordinate resources under the direction of the Cyber Security Director to ensure the successful delivery of business objectives.

You Must Have:

Language & Communication

· Proficiency in spoken and written English, with the ability to communicate effectively across both technical and non-technical audiences

· The ability to communicate difficult or sensitive information tactfully

Education & Experience:

· At least 5 years of relevant experience

· Strong knowledge of cybersecurity principles, threat landscapes, and incident response procedures

· Awareness of current and emerging cyber threats affecting SaaS organisations

Technical Experience:

· Hands-on experience with Web Application Firewalls (WAF), Endpoint Detection and Response (EDR), Remote Access and Zero Trust solutions, Patch Management solutions, Vulnerability and Penetration Testing solutions, Email Security Gateways, Privileged Access Management, Password Management, Public and Private PKI, SIEM, Identity Management, Asset and Endpoint Management Solutions, and Data Classification/Data Loss Prevention (DLP) solutions

· Hands-on experience with Conditional Access, Multi Factor Authentication and Identity Management solutions.

· Hands-on experience with the Microsoft Azure cloud platform, Microsoft Entra, Microsoft Intune, and Microsoft 365, along with applying best-in-class security protections to these solutions.

· Understanding of common IT systems / concepts, including but not limited to; DNS (public and private), TCP/IP, Firewalling, Active Directory, APIs, Encryption, Access control, Infrastructure as code.

Teamwork & Leadership:

· A positive, self-motivated attitude and the ability to inspire and motivate others

· The ability to work effectively in a team environment, collaborating with cross-functional teams to achieve shared objectives

· Strong time management and prioritisation skills, with the ability to manage your own workload and support others in doing the same

· The ability to perform effectively under pressure, prioritise tasks, and make sound decisions in high-stress or emergency situations

· A proactive mindset with the ability to critically evaluate your own work, identify improvement opportunities, and automate, simplify, or standardise processes where appropriate

· Experience taking ownership of project delivery and coordinating resources both internally and across teams to achieve business objectives.

· Experience ensuring adherence to business objectives and SLAs to deliver the best possible customer experience.

It Would Be Good to Have:

Language Skills:

· Proficiency in German (spoken and written)

Leadership & Strategy:

· Experience leading a security engineering function to enhance operational maturity

· Experience developing and delivering security posture reports for diverse audiences, including stakeholders, customers, and senior management

· Experience leading an operational team and coordinating analyst resources

· Experience producing and managing key performance indicators (KPIs) to measure team performance and drive continuous improvement

· Experience managing team budgets and contributing to team financial planning

Technical Experience:

· Hands-on experience with Threat Response, Cloud Security Posture Management, Application Security Posture Management, Cyber Security Awareness Training, Software Composition Analysis, Static Code Analysis, DDOS Protection, and Dark/Deep Web Monitoring solutions

· Hands-on experience with the Amazon AWS cloud platform, along with applying best-in-class security protections to these solutions.

· Practical knowledge of common cyber security standards (ISO27001, C5, Cyber Essentials, etc)

Teamwork & Leadership:

· Experience conducting and facilitating daily, weekly, and monthly stand-up meetings to support effective team coordination and delivery

Please submit your application, including salary expectations and potential date of entry, by submitting the form on the next page.

Working at thinkproject.com - think career. think ahead.