NAXCON GmbH, located in the heart of Freiburg, is at the forefront of the German IT and engineering industry.
Our experts have extensive knowledge in software and hardware development, state-of-the-art electronics, and future-oriented technologies such as artificial intelligence and virtual reality.
We are not only dedicated to project work for our customers, but also intensively pursue in-house innovation projects as well as research & development. Renowned companies from a wide range of German industries place their trust in us - demonstrating the outstanding expertise and commitment of our engineers.
Location: Remote within the EU (depending on security clearance)
Contract Type: Full-time / Fixed-term (initial 3-year project with extension option)
Sector: Public Administration / Government IT Security
The Uckermark District Administration is launching a comprehensive initiative to strengthen its cyber resilience. We are seeking an experienced Cybersecurity Solution Architect to design, deploy, and manage an EDR (Endpoint Detection & Response) and MDR (Managed Detection & Response) system to defend approximately 1,750 heterogeneous endpoints (Windows, Linux, IGEL OS, Android, iOS) across various office locations connected via VPN.
Lead the end-to-end implementation of a MITRE ATT&CK-aligned EDR/MDR platform for detecting, responding to, and preventing cyber threats.
Coordinate the delivery of software products, onboarding, installation, configuration, support, and user training.
Define and enforce security use cases, forensic logging, and real-time monitoring of all endpoints.
Ensure the platform complies with the BSI DER 1 module and GDPR data protection requirements.
Oversee incident response workflows, manage exposure risk, and coordinate with APT Response Services.
Collaborate with external subcontractors or security providers as needed (multi-vendor coordination).
Manage the onboarding of internal IT staff, provide documentation, and ensure long-term maintainability.
Integrate the platform with administrative tools and enforce MFA, IP whitelisting, and role-based access.
Proven experience (5+ years) with EDR/MDR platforms (e.g., CrowdStrike, SentinelOne, Palo Alto Cortex, or similar).
Deep understanding of:
MITRE ATT&CK framework
Threat Hunting (manual and proactive)
Real-time endpoint telemetry and forensic logging
Exposure management and vulnerability prioritization
Experience working with or for public sector entities in regulated environments (preferably Germany).
Knowledge of EVB-IT contract structures and public procurement standards.
Fluent in English; German language skills are a strong asset.
Ability to work with hybrid infrastructures (on-premises and cloud) and multi-OS environments.
Background in incident response and APT-level remediation.
Familiarity with:
USB device control and offline policies
Centralized IT hygiene & asset management
Integration with SIEMs or Threat Intelligence platforms
Certifications such as CISSP, CISM, CISA, or comparable security credentials.
Knowledge of German administrative IT policies (BSI IT-Grundschutz, VgV, DSGVO, etc.).
Strong communication and documentation skills.
Proactive problem solver with a security-first mindset.
Capable of mentoring and training public sector IT teams.
Structured, reliable, and transparent in cross-organizational coordination.
Start Date: September 2025 (or upon mutual agreement)
Initial Duration: 3 years
Extension Option: Annual, if not terminated
What we offer:
Join a cosmopolitan and internationally mixed team: We welcome individuals from all backgrounds and cultures to contribute their unique perspectives and talents to our team.
Polish your German language skills: If you are looking to improve your German language skills, we offer a supportive environment where you can practice and develop your language abilities, whether you are a beginner or an advanced speaker.
Benefit from a fixed contact person from the company: We understand the importance of having a reliable point of contact within the company. That's why we assign a dedicated contact person who will provide guidance and support throughout your employment with us.
Professional growth and development: With us, our engineers can immerse themselves in new industries or projects after just 1-2 years and actively transfer knowledge.
Enjoy regular team events with the company: We believe in the power of team building and fostering positive relationships within the workplace. That's why we organize regular team events to promote collaboration and strengthen our team bonds.
Competitive compensation package: At NAXCON, we believe that our engineers are our greatest asset. That's why we offer a comprehensive and competitive compensation package that includes a salary commensurate with experience and expertise.