Solution Architect SIEM/SOAR (m/f/d)

As a leading international food wholesaler, we at METRO are specialized in catering to the needs of hotels, restaurants, caterers (HoReCa), independent merchants (Traders), and more. With >15 million customers worldwide, our unique multichannel mix offers the flexibility of purchasing goods in-store or via our digitally connected Food Service Distribution (FSD) delivery. In addition, we are continuously expanding our international online marketplace, METRO MARKETS, to meet the needs of our professional customers. We furthermore take pride in our commitment to sustainability which is considered in all our actions and being listed in various sustainability indices and rankings for years is proof for our dedication (e. g. MSCI, CDP). With our business operations spanning 32 countries, over 90,000 employees worldwide and generating sales of around €30 billion in the fiscal year 2022/23, we are determined to continue our journey to growth.

At METRO, we have set ourselves ambitious goals with our “sCore” growth strategy which is closely accompanied by our Fundamentals. These shared values provide us with rules of conduct that are binding for everyone at METRO, in all countries and companies. Our commitment to wholesale is at the forefront of our mission, and we are constantly striving to improve. With our ONE METRO spirit, everyone stands together, bringing curiosity, determination, courage, drive, commitment, and trust. Find out more about METRO at careers.metroag.de.

About Us:

Join our dynamic team of Cyber Defense Leaders and become a key player in safeguarding METRO. We are committed to fostering a secure environment where innovation thrives. As a Cyber Defense Leader, you will have the opportunity to grow and develop into a seasoned security practitioner within our company.

Key Responsibilities:

• Architect and Integrate: Design and implement SIEM and SOAR solutions that align with METRO’s detection, automation, and response strategy.
• Use Case & Playbook Ownership: Lead the development and lifecycle management of detection use cases and response playbooks.
• Log Source Strategy: Own the roadmap for log source onboarding and normalization across the enterprise.
• Operational Integration: Collaborate closely with Security Operations to ensure seamless integration of SIEM/SOAR into daily workflows.
• Global Collaboration: Engage with international teams and external vendors to drive solution adoption and continuous improvement.
• Mentorship and Growth: Step into an architectural role with support and guidance, even if you're transitioning from a senior engineering position.

Qualifications:

• Experience with at least one leading SIEM and SOAR platform (e.g., Google SecOps, Splunk, Microsoft Sentinel, Cortex XSOAR, etc.).
• Strong understanding of log source onboarding, normalization, and detection engineering.
• Proven ability to design and integrate security automation and orchestration into operational workflows.
• Experience developing and maintaining detection use cases and response playbooks.
• Strong communication skills and experience working in cross-functional, international teams.
• Strategic mindset with the ability to contribute to long-term planning.

Why Join Us:

• Opportunity to grow within a supportive and innovative environment.
• Work with cutting-edge technologies and tools.
• Be part of a team of Cyber Defense Leaders that values your contributions and encourages professional development.
• Help shape the future of METRO's cyber defense at a global scale.

• Work-life balance: Flexible working hours with the option of mobile working in agreement with your line manager, 30 days of holidays.
• Training: A comprehensive training offer via our own training center or externally.
• Well-being: Health days with lots of health checks and information about your well-being, company medical care including a range of preventive services, such as flu shots, OTHEB employee assistance program. 
• Exciting life on campus: Free gym and sports classes, Rioba coffee bar, canteen with discounted meals for employees, many campus events.
• Discounts: discounted Jobticket as well as discounts in our wholesale stores and at many partner companies.
• Comfort: Good transport connections, free parking spaces, JobBike. 
• Company pension plan: You will receive a contribution to your company pension. 
• Family driven: Three daycare centers for children on campus, support of holiday camps for children of employees.