Info text

With more than 7,000 stores in 11 different countries, ALDI SOUTH is one of the world’s largest food retailers. It is our mission to supply our customers with high-quality food at the best possible prices. We have a clear focus, following a unique concept of simplicity, responsibility and reliability. ALDI SOUTH IT ensures that everything runs smoothly, from the IT infrastructure to the software used: both at national and international level. Within the scope of transnational projects, our teams develop IT solutions for worldwide use at ALDI SOUTH.

Your Job

What this role looks like.

• Establishing, operating and continuously increasing the maturity level of the company’s SIEM (Security Information and Event Management) system
• Determining the technical, operational and organisational requirements for operational security management (SIEM/SOC), including identifying threats and vulnerabilities in IT systems and networks
• Contributing to the creation and optimisation of concepts, processes and documentation in the area of SIEM/SOC to ensure effective and efficient security monitoring and response
• Assuming responsibility for communication and coordination within the IT organisation and with the relevant contacts in the specialist departments in the event of questions concerning security incidents
• Participating in the management of security incidents at different levels of work, including the investigation of incidents and the implementation of countermeasures to prevent future incidents
• Managing service providers responsible for setting up and operating IT security services to ensure that external resources meet defined requirements and standards
• Preparing IT security reports and analyses

Your Profile

What you bring with you.

• Successfully completed degree in computer science, IT security or a comparable qualification
• At least five years of relevant professional experience in an IT security environment, e.g. CERT (Computer Emergency Response Team) or SOC (Security Operations Centre)
• Sound understanding of complex IT environments, including security architecture, network architecture, operating systems, databases and cloud technologies (in particular Azure)
• Extensive experience with and knowledge of SIEM (Security Information and Event Management) tools for technical data collection and processing as well as analytical evaluation
• Extensive experience with and knowledge of tools and processes for handling IT security incidents
• Good understanding of standards and frameworks, such as ISO 2700x, Mitre ATT&CK, CIS (Center for Internet Security) and NIST (National Institute of Standards and Technology)
• Strong communication and teamwork skills to effectively interact with various stakeholders and communicate complex security concepts
• Strong analytical and quick comprehension skills to investigate security incidents and take appropriate countermeasures
• Ability to work in a structured and independent manner
• Fluency in German and English

Desirable extras.

Regarding SIEM, the following certifications may be an advantage:

• Certified Ethical Hacker (CEH), Certified Incident Handler (CIH)
• GIAC Certified Incident Handler (GCIH), GIAC Experienced Intrusion Analyst (GX-IA), GIAC Security Operations Certified (GSOC), GIAC Certified Detection Analyst (GCDA), GIAC Certified Intrusion Analyst Certification (GCIA), GIAC Continuous Monitoring Certification (GMON)
• MITRE ATT&CK Defender™ (MAD)

Regarding Azure and Microsoft Sentinel the following certifications may be an advantage:

• Microsoft Certified: Azure Security Engineer Associate
• Microsoft Certified: Azure Administrator Associate
• Microsoft Certified: Azure Solutions Architect Expert
• Microsoft Certified: Security Operations Analyst Associate
   

Your Benefits

What you will get in return.

• Partial mobile working within Germany incl. equipment and flexible working hours
• State-of-the-art technologies
• Attractive remuneration as well as holiday and Christmas bonuses
• Future-oriented training and development
• Modular onboarding and buddy
• Corporate health management programme

Your Tech Stack

What you will work with.

• M365
• MS Sentinel
• Logstash
• Many more depending on the job