Lead R&D Engineer - Protection Engineering (m/f/d)

You have experience in actively defending companies against cyber attacks? You know real attack patterns from practice – not just from white papers? You want to use this knowledge to develop modern protection technologies that detect and stop attacks at an early stage? Then become part of our team in the Prevention, Detection & Response department at the Bochum site or across Germany via remote and support us as Lead R&D Engineer (m/w/d) in the area of Protection Engineering. In this role, you bring your practical experience from the defense of complex IT infrastructures – for example from a SOC, CERT or Blue team – and you translate them together with your team into innovative detection and protection technologies.

You are leading a team of protection engineers focused on the development of modern detection and protection rules You bring your practical experience from active defense against cyber attacks and use this knowledge to develop new protection mechanisms and detection logic You analyze real attack techniques, malware campaigns, and attack behavior and derive new detection strategies You use existing security tooling platforms and telemetry sources to develop new detection rules and analysis mechanisms You develop creative approaches together with your team to create additional visibility and identify attacks if existing data sources are not sufficient You work closely with other engineering teams, Threat Researchers and Product Owners to continuously develop detection capabilities You identify technical bottlenecks, optimize processes and ensure that your team effectively delivers high-quality solutions Together with other technical leads, you define the strategic technical roadmap for protection and detection strategies You support your team in complex technical questions and, if necessary, bring you hands-on – e.g. for prototypes, detection logic or analyses

You have gained several years of practical experience in defending corporate infrastructures against cyber attacks, e.g. in a SOC, CERT or Blue team You could already take responsibility as SOC Lead, SOC Manager, Detection Engineer or Threat Hunter (m/w/d) You know real attack patterns and tactics (e.g. according to MITRE ATT&CK) and know how attackers move in networks You have experience in implementing detection rules, Threat-Hunting analyses or security analyses with common security tools You understand what telemetry is necessary to reliably detect attacks – and can develop creative solutions if these data are missing You have solid technical knowledge in at least one area such as Endpoint Security, Network Security, SIEM, EDR/XDR, Log Analysis or Incident Response You have experience in working with engineering teams or developing security-relevant software solutions You communicate clearly and structuredly, you can motivate teams and communicate technical concepts in a comprehensible manner You speak fluent German (min. C1) and good English (min. B2)

Mission Protect people and businesses from cybercrime Flexibility You decide when and where to work – early or late, in the office or at home Onboarding Structured start, modern equipment and support by your team Holidays 30 days rest in the year Design-free space Here is space for visions – your ideas drive us forward Perspective Training and language courses for your further development Pension provision Clever provision thanks to extra high employer grant Mobility Own parking, e-storey columns, job wheel, connection to the bike path, bicycle cellar and showers Benefits Discounts about “Corporate Benefits” and free software licenses Bio-use Fresh, high-quality food at reasonable prices in the bistro. Free: fruit, bread, coffee and other drinks Campus feeling Café, arcade room, kicker and billiard table are available for exchange and fun Gilden concept sharing knowledge, sports grant and leisure communities Events Whether summer festival, Christmas celebration or team events – we celebrate and experience together