Infrastructure Support Specialist (m/f)

RTL is Europe’s leading entertainment brand standing for entertainment, independent journalism, inspiration, energy and attitude. With our TV channels, streaming services, radio stations and online platforms in Germany, France, Hungary and Luxembourg, we reach millions of people across Europe every day. Do you value team spirit and a hands-on mentality? Do you want to grow beyond yourself and be part of our diverse team? Do you value a trusting working atmosphere? Are you looking for the freedom to implement your ideas and develop your strengths? Then join us in shaping the future of Europe's leading entertainment company.

Your Responsibilities

• Deploy and operate SOC platforms including SIEM, EDR, SOAR, NDR, and TIP across cloud and on-premises environments, ensuring availability and performance.
• Manage log ingestion pipelines (e.g. Azure Event Hubs, forwarders, parsing, indexing) to ensure data completeness, normalization, and integrity for detection use cases.
• Administer infrastructure systems (Windows, Linux, cloud services), including patching, hardening, backup validation, and access control enforcement via centralized identity platforms.
• Integrate the security tooling ecosystem (e.g. Splunk, Microsoft Defender, Cortex XSOAR, TIPs), ensuring stable interoperability and data exchange.
• Support detection and incident response by ensuring availability, retention, and quality of telemetry required for investigations and threat hunting.
• Monitor and optimize platform health and capacity, identifying performance bottlenecks, ingestion issues, and scalability constraints.
• Maintain documentation and drive continuous improvement, including SOPs, data flow mappings, and optimization initiatives for cost, performance, and detection coverage.

Your Profile

• Hands-on experience with SOC technologies (SIEM, EDR, SOAR) and log management architectures.
• Strong system administration expertise across Windows, Linux, and cloud environments (Azure preferred).
• Proven ability to troubleshoot distributed systems and ingestion pipelines, including root cause analysis and remediation.
• Experience with Splunk Cloud architecture, including ingestion optimization and index management.
• Familiarity with log pipeline optimization tools (e.g., Cribl) and data reduction strategies.
• Knowledge of cloud-native security services (Azure Event Hubs, Log Analytics, Defender suite).
• Advanced knowledge of networking concepts including TCP/IP, DNS, routing, segmentation, and secure connectivity.

Your Team

As an Infrastructure Support Specialist, you are part of the Information Security Services (ISS) Team, contributing across Engineering, Architecture, and System Administration. You are responsible for the implementation, operation, and optimization of SOC infrastructure and security platforms, ensuring reliable, secure, and scalable environments that enable detection, incident response, and threat intelligence capabilities.
As part of the Global SOC team, you collaborate with other cybersecurity professionals to proactively identify, mitigate, and respond to potential threats and vulnerabilities. You work closely with detection engineers, incident responders, and threat intelligence analysts to ensure that SOC platforms continuously deliver the telemetry, performance, and coverage required to protect the Group.