Head of Incident Response (m/f/d)


People whose hearts beat wholeheartedly for IT are always needed. That is why we are looking to strengthen our team as soon as possible with a Head of Incident Response (m/f/d) for our office in Berlin or Gütersloh.

You are in first line supervision to direct reports, shift and capacity planning, coordination of external suppliers. You are responsible for the effectiveness and efficiency of the incident response team’s controls, policies and procedures as well as the review of incident response team’s performance metrics and the creation of management reports and drive the continuous improvement of team, processes and tools. Additionally you coordinate and align team activities with stakeholders and ensures targeted communication & escalation and support business development and customer relation activities.


Tasks and Responsibilities


  • Direct the functions, processes, and operations of the incident response team and ensures policies and procedures, and ensure efficiency of operations
  • Lead the operations of the incident response team to ensure optimal identification/ resolution of security incidents, and enhance client security
  • Monitor key performance indicators, determine gaps in performance metrics, and recommend/execute change management techniques for efficiency/quality improvements
  • Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations and prioritization of incidents based on risk/exposure
  • Manage outsourced and in-house incident response team services for quality performance and fulfillment of Service Level Agreements (SLA)
  • Develop, maintain, and submit incident response team performance reports as required by executive management
  • Communicate major threats to executive management which may impact the protected environment
  • Ensure adequate/skilled staffing
  • Establish performance goals and priorities and conduct performance appraisals, develop, mentor and counsel staff
  • Develop services and support business development processes, service descriptions and business plans




  • Bachelor's Degree in a relevant area of study; or equivalent demonstrated experience and knowledge
  • Strong understanding of security incident management, malware management and vulnerability management processes as well as various cyber-attacks and recent hacking techniques
  • Basic understanding of Operating Systems, Virtualization technologies, Network Devices, Cloud computing concepts, Web Proxies, Firewalls, IDS/IPS, AV Systems, DLP, Vulnerability Assessment tools
  • Good understanding technology risk management, internal audit, vendor/third party management, business resiliency and fraud
  • Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security
  • Demonstrates a broad awareness of cybersecurity events, threats and actors, including trends and emerging systemic risks
  • Excellent English and German written and verbal skills
  • Information Security professional designations such as CISSP, CISM, CISA, GCIA, GCIH (desired)

Personal Qualities


  • Innovative and eager to learn in a rapidly evolving field
  • Personality traits, work habits, communication, and incident response team skills necessary to work effectively within a dynamic and highly operational environment
  • Exemplary personal and professional integrity and demonstrate strong interpersonal skills
  • Excellent analytical and problem-solving skills with strong attention to detail
  • Ability to work independently (with moderate supervision) or on projects
  • Ability to manage multiple tasks, priorities, and operational assignments in a high-pressure environment
  • Must have good time management skills with a demonstrated ability to complete assignments in a timely, high quality manner
  • Strong abilities to communicate through oral and written methods to internal and external stakeholders

Working Conditions & Compensation


  • On-call/stand-by availability required
  • Salary: Based on experience, education and certification
  • Travel: on occasion
  • Security Operations positions require employees to obtain and maintain a security clearance


There is no "we" without our employees


With our innovative IT solutions, we support our customers' digital transformation worldwide. In a wide range of sectors – from global trade in the international media industry to energy and utility companies. Over 2,700 dedicated employees work for us at more than 25 locations. Our customers especially appreciate our outstanding expertise, comprehensive technological knowledge and entrepreneurial spirit. Our employees appreciate our corporate culture of partnership, state-of-the-art technology and range of different challenges. We give our employees the freedom to be innovative and to take on entrepreneurial responsibility as part of a team.

We look forward to receiving your online application, including references and salary expectations. 


Arvato Systems GmbH
embrace Recruiting Services, Contact Person: Caline Kollien




Unternehmen: Arvato Systems GmbH 

Land: Deutschland

Region: Berlin

Stadt: Gütersloh

Postleitzahl: 33330

Job ID: 71640


Gütersloh, NW, DE, 33330

Jobsegment: Business Development, Cyber Security, Virtualization, Cloud, Risk Management, Sales, Security, Technology, Finance