Cyber Security SIEM Engineer - Group Security (f/m/d)

Date: 28 Apr 2024

Location: Prague, CZ

Company: Deutsche Börse Group


Your area of work:

As part of the Cyber Protection – Detect & Prevent unit, you will be working in a team of engineers distributed across three locations: Eschborn, Luxembourg and Prague. Your time will be spent managing and supporting the systems related to Security Information and Event Management (SIEM). In addition to SIEM, the team provides top-level service for malware detection, Database Activity Monitoring (DAM), Host/Network Intrusion Detection and Prevention (IDS/IPS) and Web Application Firewall (WAF).


Your responsibilities:

  • Operate the company’s SIEM infrastructure (Splunk)
  • Monitor the SIEM infrastructure and plan its capacity
  • Maintain and upgrade the SIEM software (Splunk)
  • Onboard logs from different sources (OS, DBMS, middleware and application layer) and build reporting on them
  • Develop Apps/TAs (technology add-ons) and/or parsers
  • Troubleshoot issues with log sources or systems together with vendors and stakeholders
  • Document and update the SIEM engineering processes, logging/ingestion procedures and other related documents
  • Provide effective support service for implemented security controls
  • Participate in the on-call rotation for SIEM


Your profile:

  • University degree in IT, business informatics, or comparable education
  • 3+ years professional experience supporting and maintaining SIEM systems (Splunk)
  • Knowledge of cloud-native SIEM solutions, such as Google Chronicle or Microsoft Sentinel, appreciated
  • Ability to define and onboard new data sources into SIEM/Splunk
  • Good understanding of Common Information Model (CIM) and Common Event Format (CEF)
  • Good understanding of Linux, Windows, z/OS and related logging formats
  • Good understanding of network devices (routers, switches, firewalls, WAFs, load balancers, etc.) and related logging formats
  • Good knowledge of systems & applications security concepts
  • Development skills (RegEx, Python, bash, PowerShell)
  • Experience with public cloud platforms, e.g. Google Cloud Platform (preferred) and Microsoft Azure
  • Ability to work under pressure in a fast-paced environment
  • Strong attention to detail with an analytical mind and outstanding problem-solving skills
  • Ability to present complex topics confidently and in an understandable manner
  • Proficiency in written and spoken English; the same in German is a plus
  • Additionally, you need to be a team player with good communication skills, highly motivated and flexible