Apply now »

Please wait, you are being redirected to your application.

About Graphisoft

Graphisoft® empowers teams to create great architecture, through award-winning software solutions, learning programs, and professional services for the Architecture, Engineering, and Construction industry. Archicad®, the architects’ BIM software of choice, offers a complete end-to-end design and documentation workflow for architectural and integrated architectural and engineering practices of any size. BIMx®, the most popular mobile and web BIM app, extends the BIM experience to include all stakeholders in the building design, delivery, and operations lifecycle. BIMcloud®, the AEC industry’s first and most advanced cloud-based team collaboration solution, makes real-time collaboration possible across the globe regardless of the size of the project and the speed or quality of the team members’ network connection. Graphisoft is part of the Nemetschek Group. To learn more visit www.graphisoft.com 

 

We are hiring a hands-on Security Operations Engineer to strengthen the security of Nemetschek Group’s internal IT environment (Microsoft-centric and cloud-first: Entra ID / Microsoft 365, multi-tenant). You will operate within a Zero Trust model and take ownership of a security subdomain, typically Identity or Endpoints, based on your strengths and team needs. You report to IT SecOps and work closely with Information Security and IT teams to translate policies into implementable controls, identify gaps, and drive practical improvements. You will work in a geo-distributed environment across time zones and collaborate daily with colleagues from multiple nationalities. English is our working language. This role participates in a compensated, low-intensity on-call rotation for advanced incident response (every 6–8 weeks) and includes occasional travel (typically once per year for 2–3 days within Europe).

As a Security Operations Engineer, you will:

  • Implement, configure, and maintain security controls across your domain (Identity / Endpoints initially; rotation encouraged).
  • Act as L4 escalation for security incidents: investigate complex cases, coordinate response actions, and document outcomes and improvements.
  • Improve detection and response quality by tuning signals, improving logging/telemetry, and enhancing use-cases in the XDR ecosystem.
  • Administer and harden Microsoft security capabilities (cloud and on-prem where relevant), aligned with standards and baselines.
  • Maintain and improve the health, integration, and reliability of security tooling (XDR, Defender stack, vulnerability scanners, etc.).
  • Partner with IT teams: sometimes implementing directly, sometimes coordinating execution—always ensuring changes land correctly and sustainably.
  • Partner with Information Security to align on policy intent, risk decisions, and evidence expectations; report gaps transparently.
  • Support vulnerability management by providing guidance, validation, and security expertise when requested by IT owners.

Required knowledge and skills:

  • 5+ years in Security Operations / Security Engineering (hands-on) in an enterprise environment.
  • Proven experience with Microsoft security in a cloud-first environment: Entra ID + Microsoft 365 security and the Defender stack (MDE / M365 Defender; Defender for Cloud is a plus).
  • Experience improving detection/response using XDR/EDR (telemetry quality, alert tuning, investigation workflows, response actions).
  • Working knowledge of vulnerability management (triage, risk-based prioritization, remediation validation) in collaboration with IT owners.
  • Solid understanding of enterprise fundamentals: identity, endpoints, Windows, networking basics, cloud concepts.
  • Strong incident investigation and response experience in production (escalation/engineering level; not limited to SOC L1/L2).

Preferable qualifications:

  • Exposure to multi-cloud security (Azure / GCP / AWS).
  • Familiarity with Zero Trust patterns (identity controls, device posture, conditional access, segmentation/ZTNA concepts).
  • Networking security experience (firewalls, segmentation, VPN/ZTNA).
  • Linux fundamentals (nice to have)

We offer:

  • Opportunity to make a real impact by safeguarding critical systems
  • International, inspiring, and dynamic environment
  • Home office on most days (1-2 days in office per month)
  • A collaborative and inclusive work culture that values innovation
  • Challenging and various tasks
  • Continuous learning & development opportunities

 

#Graphisoft

Apply now »