Security Operations Center (SOC) Manager (m/f/x)

The CISPA Helmholtz Center for Information Security is a major federal research institution within the Helmholtz Association. The scientists research information security in all its facets. They conduct cutting-edge basic research as well as innovative application-oriented research and work on pressing challenges in cybersecurity, artificial intelligence and data protection. CISPA research results find their way into industrial applications and products that are available worldwide. In this way, CISPA strengthens the competitiveness of Germany and Europe. It also promotes talent and is a cadre for excellently trained specialists and managers for industry. In this way, CISPA also carries its know-how into the future.

CISPA is seeking a SOC Manager to establish and lead CISPA's Security Operations Center (SOC). This pivotal role involves setting up and managing a team dedicated to designing, developing, and maintaining a state-of-the-art SOC for CISPA and possibly other centers of the Helmholtz Association and external organizations. The SOC Manager will play a crucial role in strategic leadership, incident response oversight, and the integration of threat intelligence into daily operations, ensuring our institution's cybersecurity resilience.

1. Establishment and Development of SOC:

• Build and develop SOC processes, including defining objectives and adapting to changing requirements.
• Select the technology stack and design the SOC architecture.
• Hire and organize SOC staff, manage employee tasks, and represent the SOC within CISPA and to the public.

• Manage daily activities within the SOC to ensure effective incident detection and response.
• Provide leadership, guidance, and technical expertise to deliver professional services to clients.
• Ensure security detection, response, and recovery procedures are up-to-date and followed.
• Oversee security incident management and integrate new security services into SOC capabilities.

• Develop and maintain SOC policies, procedures, and processes to detect potential threats.
• Define and review key security performance indicators for service delivery and improvements.
• Continuously improve SOC services, including employee training, processes, and technologies.
• Collaborate with internal and external stakeholders to create a needs-based SOC for the Helmholtz Association and other organizations.

• Master or PhD in computer science or similar.
• Proven experience as a SOC Manager or SOC Team Leader.
• Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA); CISM, IISP, or other equivalent Security certification/accreditation is desirable.
• Strong knowledge of SIEM Systems, user and network anomaly analytics, SOAR integration and MISP Threat Intelligence sharing platform.
• Strong background in cybersecurity, including incident response and threat intelligence integration.
• Demonstrated leadership and team management skills.
• Excellent communication and collaboration abilities.
• Proven ability to work and effectively prioritize in a dynamic work environment.
• Strong communication, moderation and negotiation skills.
• Customer oriented.
• Analytical thinking.
• Proficiency in English.
• Preferred full professional proficiency in German.
• Preferred driving license class B.

• An exciting and challenging job with a lot of creative freedom in a research institution that works on future topics in the field of information security in a scientific and highly international environment.
• For us, the compatibility of family and career as well as equal opportunities are an integral part of our personnel policy. All positions are also suitable for part-time work.
• Remuneration and social benefits are based on the collective agreement for the public sector (TVöD Bund).
• Up to two days of home office per week are possible on request.
• Trust-based working hours and flexitime.
• Company pension scheme (VBL).
• Further education and training measures.
• DeutschlandJobticket.
• Social and team-building activities.
• Company health management.
• We support voluntary work.

Severely disabled persons will be given preferential consideration in the event of equal suitability. We welcome applications regardless of gender, nationality, ethnic and social origin, religion/belief, disability, age, sexual orientation and identity.