Company hidden
2 days ago

(Senior) Cyber Detection & Response Engineer (Cybersecurity)

Work format: hybrid
Employment type: fulltime
Grade: senior
English: b2
Country: Germany
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

(Senior) Cyber Detection & Response Engineer (Cybersecurity): Own and continuously improve the CrowdStrike Falcon platform for high signal quality, coverage, and operational maturity across endpoints, servers, network, and cloud, with an emphasis on detection engineering, incident response, and exposure management. Focus on building custom detections, conducting threat hunting, developing response playbooks, and upskilling security teams.

Location: Hamburg, hybrid setup

Company

Germany’s largest provider of online lotteries through brands LOTTO24 and Tipp24, trusted partner of Spain’s ONCE, investing in e-commerce startups via ZEAL Ventures.

What you will do

  • Own and improve CrowdStrike Falcon platform effectiveness, ensuring high signal-to-noise ratio and scalable workflows
  • Manage configuration, policy governance, module optimization, and sensor coverage across IT estate
  • Shape collaboration with Falcon Complete MDR for relevant, high-quality output and response effectiveness
  • Lead L2/L3 incident investigations, scoping, and post-incident reviews
  • Build and tune custom detections, correlation logic, and queries; conduct threat hunting
  • Leverage exposure management for vulnerability prioritization and remediation tracking
  • Develop response playbooks and dashboards; upskill security and IT teams; manage vendor relationship

Requirements

  • 5+ years in security engineering, detection engineering, or incident response
  • Strong hands-on experience with CrowdStrike Falcon (or equivalent EDR/XDR), including detection engineering and platform tuning
  • Proven track record improving detection quality and reducing alert fatigue
  • Experience with MDR services like Falcon Complete
  • Solid understanding of MITRE ATT&CK in detection/response scenarios
  • Proficiency in Falcon query language for detection, hunting, and analysis

Nice to have

  • CrowdStrike certifications (CCFA, CCFH, CCFR)
  • Scripting (Python, PowerShell) and API-based automation
  • Familiarity with ISO 27001 and/or PCI-DSS

Culture & Benefits

  • State-of-the-art technologies and agile environment
  • Trust, autonomy, no micromanagement; flexible hybrid work focused on results
  • Unlimited vacation days plus 30-day allowance; workations abroad
  • €1,500 annual development budget; monthly mobility allowance and bike leasing
  • Company pension scheme; subsidized EGYM WELLPASS gym membership
  • Monthly events, team activities, company lunches 4 days a week

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it: these are scammers. Be sure to click "Report" or write to support.