Cyber Security Engineer (all genders)

Responsibilities:

• Design, implement, and maintain security controls and solutions across various technological domains, including network security, cloud security, application security, endpoint security, and backup systems

• Plan, implement, and maintain cybersecurity tools, such as XDR, SIEM, IOC scanner, vulnerability scanner, EASM, or network traffic analysis tools

• Collaborate with the team’s security architects and the SOC to ensure that implementations align with the security architecture and guidelines

• Conduct security assessments, vulnerability scans, and penetration tests to identify and mitigate potential risks or vulnerabilities

• Support the SOC and participate in incident detection and response activities, including investigating security event data, alerts, and incidents, conducting forensic analysis, and implementing remediation actions

• Work with cross-functional teams and IT stakeholders to integrate security requirements and controls into technology solutions and projects

• Develop and maintain system documentation, technical guidelines, standards, and procedures for IT teams

• Stay updated on the latest security trends, technologies, and best practices, as well as security threats

Qualifications:

• University degree in computer science, information technology, or a related field, or an equivalent qualification

• Sound professional working experience in security engineering roles, with proven expertise in multiple security domains such as, for example, application security, security operations, vulnerability management

• Professional software development and automation experience with at least one programming language and a solid understanding of software engineering principles and best practices such as version control, peer reviews, CI/CD

• Strong understanding of security principles related to open-source software with experience in identifying and mitigating vulnerabilities in open-source components, contributions to relevant open-source projects is a plus

• Strong knowledge of technologies, protocols and systems, security controls, cybersecurity tools, and best practices in at least three technology areas such as cloud, network, endpoint, mobile devices, operating system, containerization

• Strong problem-solving skills and the ability to analyze complex security issues

• Team player with great communication skills and practiced in stakeholder management

• Familiarity with cyber security standards and frameworks such as ISO27001, NIST CSF, SOC2, or similar is a plus

• Good written and verbal communication skills in English, proficiency in German, French or Italian is a plus

Our offer:

• A position within a vigorous and exciting professional environment promoted by an open culture and a spirit of community

• A diverse, international workforce with a dynamic working environment that fosters creativity, innovations and teamwork

• 30 days of annual holiday, monthly allowance for public transportation, and in-house canteen

• Capital forming benefits, flexible working hours, holiday pay, and annual bonus depending on performance

To apply, please click on the “Apply” button and provide your application documents (CV and cover letter, including earliest possible start date and salary requirements). We are looking forward to getting to know you and to your application.

FR : Dans le cadre de sa politique Diversité, Evotec étudie, à compétences égales, toutes les candidatures dont celles des personnes en situation de handicap.

ENG : In the frame of our Diversity policy, Evotec considers, with equal competences, all applications including people with disabilities.