Security Operations Manager (f/m/d)

Exasol’s Analytics Engine accelerates insights from the world’s data. It is purpose-built to handle the most demanding data workloads at an unmatched price/performance ratio. Our in-memory, massively parallel processing (MPP) technology is specifically designed for analytics, enabling businesses to turn data into actionable insights. At Exasol, we are committed to pushing the boundaries of what is possible in data analytics, and we are looking for enthusiastic individuals to join our team and help shape the future of data technology. Join our diverse, remote-first team where more than 30+ languages (and counting!) are spoken, and every voice is valued. We are looking for passionate individuals who thrive on collaboration, innovation, and a shared commitment to help shape the future of data technology.

Overview

The Security Operations Manager leads and continuously improves security operations across Exasol’s cloud, infrastructure, endpoints, and SaaS environments, with a strong focus on AWS-based environments, incident response, and regulatory aligned security operations. The role owns day-to-day security operations, major incidents, and security initiatives. This role reports directly to the Information Security Lead and focuses on delivering measurable security improvements through projects, leadership, and cross-functional collaboration.

Responsibilities

• You will take on a leadership role in driving and continuously improving Exasol’s security operations capabilities across cloud, infrastructure, endpoint, and SaaS environments within regulated European operating environments. This includes, but is not limited to:
• Improving Exasol’s vulnerability management processes, including triage, risk-based prioritization, remediation tracking, and reporting in line with EU regulatory expectations.
• Leading security incident response activities and acting as the primary escalation point for complex or high-impact incidents, including incident classification, regulatory notification preparation, and post-incident reporting aligned with DORA and NIS2.
• Improving visibility into threats and attacks through effective logging, monitoring, and detection capabilities that support regulatory incident reporting timelines.
• Leading major security initiatives and programs, such as data loss prevention (DLP), penetration testing, and security vulnerability remediation, supporting operational resilience requirements.
• Providing high-level technical oversight for the configuration, operation, and continuous improvement of security platforms and tools (SIEM, EDR/XDR, MDM, IAM), ensuring they support EU incident detection and response obligations.
• Improving cloud security, particularly in AWS environments, by applying security best practices and working closely with IT and engineering teams to meet EU regulatory and resilience requirements.
• Leading threat intelligence activities, monitoring global and cloud-specific threat trends, and assessing their relevance to Exasol from a European regulatory risk perspective.
• Supporting security architecture reviews and ensuring security-by-design principles are applied across all cloud systems and environments subject to EU regulatory oversight.
• Supporting governance, risk management, and compliance activities, including security controls, risk assessments, and audits related to ISO 27001, DORA, and NIS2.
• Leading information security awareness activities, including phishing simulations and security training, aligned with EU compliance and supervisory expectations.

Required Qualifications

• Strong practical experience with AWS security services, such as CloudTrail, CloudWatch, GuardDuty, Security Hub, and IAM.
• Direct experience interacting with European regulators or supervisory authorities as part of security incident handling, audits, or compliance reviews.
• Proven experience acting as an accountable incident lead to security incidents subject to mandatory EU regulatory notification and supervisory follow-up.
• Hands-on experience executing DORA and NIS2 incident handling obligations, including formal incident classification, regulatory notification preparation, timeline management, and post-incident supervisory follow-ups.
• Strong SOC / security operations background with SIEM and EDR/XDR platforms.
• Experience supporting EU regulatory audits or supervisory reviews (e.g. ISO 27001).
• Ability to translate regulatory requirements into effective security operations and processes.
• Experience with threat intelligence, detection engineering, or MITRE ATT&CK.
• Strong communication skills across technical teams and senior stakeholders.

Preferred Qualifications

• German language skills are a plus.

How We Work at Exasol

• Own Your Impact: At Exasol, you are not just a cog in the machine; you will step into immediate ownership of projects, driving them forward with a refreshing level of autonomy.
• Thrive in a Global Team: Join a vibrant, international community where diversity is celebrated, collaboration is key, and feedback fuels growth.
• Learn, Grow, Lead: We are invested in your development! Continuous knowledge-sharing, "Coffee and Learn" sessions, exciting events, and dedicated leadership programs empower you to soar.
• Work on Your Terms: Flexibility is the name of the game! Enjoy adaptable hours, remote options, and "workcations" for the ultimate work-life balance.
• Growth That Goes Beyond the Office: Dive into a comprehensive onboarding experience, fun team events, and a deep commitment to diversity and sustainability. We care about your holistic well-being.
• Rewards that Matter: Monthly home office allowance, volunteering options, floating days, and secure pension plans (location-dependent) prove we value your contributions.

Our values drive our unique and inclusive culture; discover how they shape your Exasol experience.

About Exasol

Take the next step in your career journey. Visit www.exasol.com to explore our current job openings, and follow us on LinkedIn to see what it is like to work at Exasol. Exasol is a proud equal opportunities employer. We are committed to a diverse and inclusive working environment and therefore base all our employment selection decisions, within all aspects of our business, on experience, skill, and integrity. We strongly encourage applicants from all walks to life to apply for our positions, irrespective of age, sex, gender identity, disability, sexual orientation, race, religion, etc.