
Information Security Analyst - Detection & Response (f|m|x)

idealo internet GmbH

Germany

On-site

EUR 60.000 - 80.000

Full-time

5 days ago

Summary

A leading technology company in Germany is looking for an experienced Information Security Analyst to join their Security Detection and Response Team. This role involves monitoring security incidents, enhancing security protocols in a cloud environment, and collaborating with various teams to strengthen the company's security posture. The ideal candidate should have extensive experience in web applications and cloud security, along with strong analytical skills. The position offers opportunities for personal development and a vibrant work environment.

Benefits

Free lunch
Learning and development budget
Gym membership

Qualifications

  • 5+ years of experience as an Information Security Analyst or related area.
  • Deep technical understanding of web applications, AWS Cloud, or Microsoft Cloud.
  • Ability to build tools for automating tasks using scripting and query languages.

Responsibilities

  • Analyze, monitor, and report on all security-related events and incidents.
  • Investigate potential security incidents, perform digital forensics.
  • Create AI agent workflows supporting alert verification and incident response.

Skills

5+ years of experience
Technical understanding of web applications
Knowledge of AWS Cloud infrastructure
Scripting skills (Python, Lucene, KQL)
Familiarity with SIEM platforms
Experience in digital forensics
Solid analytical skills

Tools

Terraform
GitHub Actions

Job description

As an Information Security Analyst, you will be part of idealo's highly motivated Security Detection and Response (SDR) Team. In this role, you will help shape the future of security in a fast-growing, increasingly AI-driven cloud environment. It is a fantastic opportunity to bring your ideas to life, strengthen idealo's security posture, and make a tangible impact across the organization.

Together with your team, you will take ownership of security monitoring, anomaly detection, bot and brand protection, and incident response—continuously refining SIEM rules and playbooks to enhance actionable insights and strengthen our response capabilities.

You will actively contribute to embedding "security by design" into our AI and cloud services, ensuring resilience and trust at scale.

About your new role

  • Analyse, monitor and report on all security-related events and incidents. Develop and continuously improve alerting mechanisms and monitoring workflows.
  • Investigate potential security incidents, perform digital forensics, and gather evidence.
  • Create AI agent workflows supporting alert verification and incident response.
  • Lead and support incident response activities.
  • Define and revise Indicators of Compromise (IoCs) to detect attacks, intrusions, or illegal behaviors. Create corresponding detection rules and fine‑tune them.
  • Perform analysis of bot traffic harming idealo's platform and create effective rules for handling it.
  • Communicate findings clearly to both technical and non‑technical stakeholders, helping teams implement effective countermeasures.
  • Collaborate closely with infrastructure, development and security teams to embed security into daily operations and protect idealo's data and infrastructure from attacks.

Skills & Requirements

  • 5+ years of experience as an "Information Security Analyst" or related area
  • Deep technical understanding of the technologies and attack vectors, preferably in the following fields: web applications, AWS Cloud infrastructure or Microsoft Cloud Services (Defender for Endpoint/Office, M365, Azure AD).
  • Ability to build tools to automate tasks using scripting and query languages (e.g. Python, Lucene, KQL) and experience with automation frameworks and infrastructure‑as‑code tools (e.g. Terraform, CloudFormation, GitHub Actions).
  • Enthusiasm for digging into logs of several technologies to find the root cause or evidence for an incident.
  • Familiarity with SIEM platforms, anomaly detection, and infrastructure‑and‑application log analysis.
  • Experience in handling, managing, and resolving security incidents.
  • Practical experience in advanced threat hunting or digital forensics.
  • Ability to keep a cool head in high-pressure situations and make decisions based on facts collected by you and other experts.
  • Solid analytical skills, systematic and structured problem‑solving, with the ability to think laterally and challenge existing concepts.
  • Capacity to quickly understand technical complexities and translate these to a less technical audience.

At idealo you can expect

  • You want to further your education? We take your personal development goals seriously and, in addition to our idealo Learning Hub, eLearning offerings (e.g., Udemy), coaching & mediation, we also offer you the opportunity to benefit individually from an additional learning and development budget.
  • And what about the office? Our office in the heart of Berlin offers excellent free lunch, as well as free coffee, lemonades and after‑work beer, in addition to the "standard foosball". It also has a fabulous rooftop terrace with a view of the whole of Berlin where you can network with colleagues from our group of companies.
  • You want full flexibility on your way to work and beyond? No problem with a job bike or Deutschlandticket – and it's environmentally friendly, too!
  • You don't live in Germany yet? We support you in the visa process and with your relocation.
  • Want to keep yourself fit? We offer many different fitness and sports options, such as an Urban Sports or Gympass membership, to suit your personal needs.