German-Speaking Security Architect / Consultant (SOC & Detection) – Part-time @ omniIQ

omniIT GmbH, together with its Polish sister company omniIQ, delivers end-to-end IT security, cloud and platform engineering services for customers across Europe.

As we continue to expand our security practice in the DACH region, we are looking for a German-speaking, hands-on Security Architect / Consultant to support our customers.

The role is strongly focused on customer-facing technical conversations. You will take part in discovery calls, workshops and follow-up discussions with customers, helping them understand their current security situation and available technical options.

Your role is to act as a technical sparring partner: asking the right questions, clarifying priorities, explaining trade-offs and guiding customers through detection, response and SOC-related topics (SIEM, EDR / XDR, vulnerability management).

You will work closely with customers to translate real-world security challenges into pragmatic, technically sound recommendations that can actually be implemented.

Alongside customer conversations, you will stay close to the technical side: supporting SOC topics such as alert analysis, noise reduction and detection improvements, and contributing to lightweight security architecture concepts.

The role also includes optional technical guidance and support for our small internal SOC team (3 engineers), without formal people management responsibilities.

This is a part‑time (5–10h / week), B2B role with a strong technical advisory focus, with the possibility to extend the collaboration over time as our security practice grows.

Fully remote.

• 5+ years of hands‑on experience in Cyber Security
• Strong background in SOC, Detection & Response, Defensive Security
• Practical experience with SIEM platforms (e.g. Sentinel, Elastic, Rapid7 or similar)
• Hands‑on experience with EDR / XDR solutions
• Ability to analyse alerts, reduce noise and improve detection quality
• Experience translating security findings into clear, pragmatic recommendations
• Comfortable in customer‑facing technical discussions
• Fluent German (C1+) – daily communication with DACH customers
• Good English for internal collaboration
• Ability to work independently in a part‑time (5–10h / week) setup

• Experience with Azure Security (Sentinel, Entra, Defender)
• Basic scripting or automation skills (Python, Bash)
• Experience with Vulnerability Management (e.g. Rapid7 VM)
• Experience supporting or mentoring small SOC teams
• Consulting or advisory experience in customer environments

• Participate in discovery sessions and technical workshops with customers
• Analyse customer security environments (SIEM, EDR / XDR, IAM, Vulnerability Management)
• Support SOC‑related topics: alert analysis, noise reduction, detection improvements
• Contribute to pragmatic security architecture recommendations (no overengineering)
• Support simple automation and improvement ideas for detection & response workflows
• Collaborate with Cloud and Platform teams on log sources and onboarding patterns
• Support and gradually shape a small internal SOC (3 engineers) through technical guidance
• Act as a trusted technical advisor for German‑speaking customers