Information Security Analyst - Detection & Response (f|m|x)
Job Description
As an Information Security Analyst, you will be part of idealo’s highly motivated Security Detection and Response (SDR) Team. In this role, you will help shape the future of security in a fast-growing, increasingly AI-driven cloud environment. It is a fantastic opportunity to bring your ideas to life, strengthen idealo’s security posture, and make a tangible impact across the organization.
Together with your team, you will take ownership of security monitoring, anomaly detection, bot and brand protection, and incident response, continuously refining SIEM rules and playbooks to enhance actionable insights and strengthen our response capabilities.
You will actively contribute to embedding “security by design” into our AI and cloud services, ensuring resilience and trust at scale.
About Your New Role
- Analyze, monitor and report on all security-related events and incidents. Develop and continuously improve alerting mechanisms and monitoring workflows.
- Investigate potential security incidents, perform digital forensics, and gather evidence.
- Create AI agent workflows supporting alert verification and incident response.
- Lead and support incident response activities.
- Define and revise Indicators of Compromise (IoCs) to detect attacks, intrusions, or illegal behaviors. Create corresponding detection rules and fine-tune them.
- Perform analysis of bot traffic harming idealo’s platform and create effective rules for handling it.
- Communicate findings clearly to both technical and non-technical stakeholders, helping teams implement effective countermeasures.
- Collaborate closely with infrastructure, development and security teams to embed security into daily operations and protect idealo’s data and infrastructure from attacks.
Skills & Requirements
- 5+ years of experience as an “Information Security Analyst” or in a related area.
- Deep technical understanding of the technologies and attack vectors in web applications, AWS Cloud infrastructure or Microsoft Cloud Services (Defender for Endpoint/Office, M365, Azure AD).
- Ability to build tools to automate tasks using scripting and query languages (e.g. Python, Lucene, KQL) and experience with automation frameworks and infrastructure-as-code tools (e.g. Terraform, CloudFormation, GitHub Actions).
- Enthusiasm for digging into logs of several technologies to find the root cause or evidence for an incident.
- Familiarity with SIEM platforms, anomaly detection, and infrastructure‑and‑application log analysis.
- Experience in handling, managing, and resolving security incidents.
- Practical experience in advanced threat hunting or digital forensics.
- Ability to keep a cool head in high-pressure situations and make decisions based on facts collected by you and other experts.
- Solid analytical skills, systematic and structured problem‑solving, with the ability to think laterally and challenge existing concepts.
- Capacity to quickly understand technical complexities and translate these to a less technical audience.
Job Requirements
At idealo, we are committed to equal opportunity and inclusive hiring. We value diversity and welcome applicants of all backgrounds. When you start with us, we will support you in the visa process and relocation if needed.
At idealo you can expect
- You need vacation? We offer you 30 days of vacation. If you want more you can “buy” an additional 15 days every year by converting your salary.
- Further education? We take your personal development goals seriously and offer a learning budget plus eLearning and coaching.
- Office perks? Our office in Berlin offers free lunch, coffee, lemonades, after‑work beer and a rooftop terrace with a view of the whole city.
- Flexibility on your way to work? You can work remotely or use a job bike or Deutschlandticket.
- Relocation support? We support you in the visa process and relocation.
- Fitness options? We offer memberships in Urban Sports or Gympass.
Information for applicants with severe disabilities
As an applicant with a severe disability, you can receive advice from our Representative Body for Severely Disabled People (SBV) during the application process. Please inform us about this topic.
We’re happy to receive your application!
Legal & EEO Statement
Origin, religion, gender, sexual orientation, or a degree of disability are irrelevant. We encourage you to apply.