Cyber Defence Center Lead (m/f/d)

Process Ownership & Governance: You assume the overall responsibility for all CDC processes. You define how Incident Detection and Response take place and transfer informal knowledge into resilient, auditable structures (SOPs). Automation & Efficiency: “Automation First” is your leitmotif. You drive the implementation and optimization of SOAR solutions (Security Orchestration, Automation and Response) to relieve analysts from routine tasks. Runbook engineering: You create, maintain and refine detailed runbooks and playbooks for different attack vectors. So make sure that every handle is seated in case of seriousness. Strategic development: You develop the roadmap for the CDC and harmonize regulatory requirements (NIS-2, ISO 27001), business needs and technological innovations into a clear strategy. Documentation & Reporting: You provide complete, audit-proof documentation and establish a meaningful KPI report (e.g. MTTD / MTTR) to render the performance of the CDC transparent to management. Incident Management Coordination: As an overarching incident manager, you can ensure the structured processing according to an emergency plan in critical situations – without losing in technical detail. Integration IT & OT: You develop concepts to integrate the specific requirements of the production environments (OT) into the central monitoring processes. Inspiring Leadership: You guide professionally, coach and develop your team from internal security analysts. You create a culture of learning and vigilance. Tech & Vendor Management: You control the selection and optimization of our Tech Stack (SIEM, SOAR, XDR) and take over the provider management to align technical and economic goals.

Education & experience: Completed studies (informatics, business informatics) as well as several years of experience in the area of Information Security / SOC / CDC. Structured thinking: You think in workflows, process chains and standards (e.g. NIST, SANS, ISO / IEC 27001) and transform complexity into order. Documentation professionals: You translate complex technical processes into understandable, practical instructions and guidelines. Automation Mindset: you model Use Cases and automate processes (SOAR). During each manual step, ask yourself: “Can a script be done?” Management competence: You provide guidance through clear structures and objectives and create framework conditions for excellence. Language competency: Excellent German knowledge (safe for negotiation) is essential for precisely documenting complex issues and representing them in management. Good English for international cooperation is required. Ready-to-use: We require participation in readiness and availability in large-scale damage situations. A safety check (SÜG / LuftSIG) is not an obstacle to you.

HEIDELBERG is a company with a lively history – for over 175 years we have been combining innovation with tradition. We believe that we can shape our future. When all draw on one line, we will make our vision of the future a reality. We are looking for future employees who are actively participating in the HEIDELBERG team of tomorrow. We are looking for employees who develop ideas on concepts and concepts for reality. If you are not only talking about change, but you want to implement themes effectively and work in the team, you will actively shape a sustainable future with us. We appreciate people who take things in their hands and take other people along the way. With us you can use your skills and develop and exploit your potential within the framework of human resources development programmes. Your salary at HEIDELBERG will be attractive, your working environment modern and your social services very good. .