Senior SOC Engineer

About the Opportunity

We are seeking a Senior / Lead SOC Platform Engineer to own and evolve the cloud-based logging and automation platforms that power our Security Operations Center. Our SOC Engineering team does design scalable AWS logging pipelines and manage ingestion into Google SecOps, and believes in proactive security, automation, and continuous improvement to stay ahead of evolving threats. In this role, you will lead key initiatives that strengthen visibility, automation, and detection capabilities across the organization

This is a Hybrid role based in Berlin or Barcelona.

In This Role, You Will:

• Lead SOC engineering initiatives including SOC automation, SIEM–IT Service Management (ITSM) integration, and threat framework mapping and adoption (e.g., MITRE ATT&CK).
• Own data ingestion workflows for the Security Information and Event Management (SIEM) system and ensure high-quality, reliable telemetry.
• Support and integrate deceptive security technologies and participate in purple team exercises to enhance visibility and detection coverage.
• Collaborate with detection engineering, incident response, cloud teams, and security leadership to improve platform reliability and SOC effectiveness.

What You Need to Be Successful

Background:

• 5+ years of experience in SOC engineering, security engineering, cloud engineering, or platform engineering.
• Proven experience designing and operating large-scale logging pipelines in cloud environments.
• Strong understanding of SOC operations, detection workflows, and modern telemetry requirements.

Skills:

• Deep hands-on experience with AWS (S3, IAM, Lambda, Kinesis, CloudWatch, Step Functions, Glue, Athena, Glacier).
• Expertise with SIEM ingestion pipelines, ideally Google SecOps (Chronicle) with S3 ingestion.
• Strong understanding of log structures (JSON, CloudTrail, VPC Flow Logs, Syslog) and schema normalization.
• Proficiency with Infrastructure as Code (Terraform preferred).
• Strong scripting/programming skills (Python, Bash).
• Experience automating data validation, log onboarding, and pipeline health checks.
• Familiarity with MITRE ATT&CK mapping workflows using Navigator.
• Exposure to deceptive security technologies and telemetry pipelines.
• Experience supporting purple team exercises from a telemetry and engineering perspective.

Nice to Haves

• Google SecOps(Chronicle) engineering experience.
• Experience implementing automation for next-generation or Agentic SOC capabilities.
• Experience with deception frameworks (e.g., Canary, Thinkst, IllusionBLACK).

What’s in it for you:

• Accelerate your career growth by joining one of Europe’s most talked about disruptors 🚀.
• Employee benefits that range from a competitive personal development budget, work from home budget, discounts to fitness & wellness memberships, language apps and public transportation. 
• As an N26 employee you will have access to a Premium subscription on your personal N26 bank account. As well as subscriptions for friends and family members.    
• Additional day of annual leave for each year of service.  
• A high degree of autonomy and access to cutting edge technologies - all while working with a friendly team of peers of diverse nationalities, life experiences and family statuses. 
• A relocation package with visa support for those who need it.

Who we are

N26 has reimagined banking for today’s digital world. Technology and design empower everything we do and it’s how we are building the global banking platform the world loves to use.  We've eliminated physical branches, paperwork, and hidden fees for an elegant digital experience and supreme savings. Giving people the power to live and bank their way is what gets us out of bed in the morning and inspires the work that we do.  We are headquartered in Berlin with offices in multiple cities across Europe, including Vienna and Barcelona, and a 1,500-strong team of more than 80 nationalities. Sounds good? Apply now for this position.

Equal Opportunities:

We recognize that our strength lies in our people and the varied perspectives they bring to our workforce. We strive to build talented and diverse teams to drive our business success and empower our people to reach their full potential. We genuinely welcome and encourage applications from people of all backgrounds, cultures, genders, sexual orientations, abilities, neurodiversities, and ages. We're committed to creating an inclusive workspace where everyone feels valued and respected, free from harassment and discrimination. If there's anything you need to make the application process work for you, please let us know by reaching out to candidate.exp@n26.com.  Visit our website to learn more about Diversity, Equity, & Inclusion at N26.