Security Specialist - Monitoring & Detection (f/m/d)

Date: 10 Dec 2024

Location: Prague, CZ

Company: Deutsche Börse Group

 

Area of work:

 

In your new position, you will become a member of the Cyber Defense team, part of Group Security. Cyber Defense team is responsible for all aspects of Security Information and Event Management (SIEM), Computer Emergency Response (CERT), and Security Operations Center (SOC). To fully protect the information assets of DBG, Cyber Defense is aiming to achieve a proactive detection of threats and improve monitoring of DBG information assets to protect them from cyber-attacks effectively, dealing with implementation and maintenance a state-of-the-art SIEM/SOC tooling, architecture and use cases content in order to support establishing Cyber Defense as a center of excellence for threat intelligence.

 

In the advertised position, you will be focused on the analyzing and modelling security-related data, programming algorithms within the SIEM platform related activities with focus on the IS domains Security Incident Management, Alert & Log monitoring, Cyberthreat & Vulnerability management.

 

Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices.

 

 

Your responsibilities:

 

  • Design, develop, maintain and improve the quality of SIEM related use cases across a complex technology stack of DBG, required to timely detect and mitigate attacks and malicious activities
  • Participate in challenging investigation to proactively detect threats through usage of threat intelligence and threat hunting techniques to improve detection capabilities
  • Collaborate closely with the different unit in Cyber Defense to guarantee effectiveness of the current detection capabilities
  • Develop the automation capabilities to enrich alerts, support SOC analyst, reducing repetitive manual tasks and improve the speed of incident resolution
  • Work with subject matter experts across the Group to transform the maturity of the SIEM/SOC to an industry-leading organization
  • Support research projects, e.g., exploring of new cyber scenarios in emerging technologies
  • Support Cyber Defense becoming more mature by helping during the resolution of security incident, assisting with audit requests or contribute with technical recommendations

 

 

Your profile:

 

  • University or comparable degree in Computer Science, Information Security, Engineering, or related discipline
  • 3+ years of experience working in the field of Cyber Security
  • Experience working with SIEM platform, implementing use-cases and automation playbooks (Splunk or similar)
  • Experience working with EDR platform (MDE or similar)
  • Solid technical background and practical knowledge in machine learning, databases, Python and other PLs, ETL & security engineering
  • Good knowledge and understanding of Cyber Security technologies, processes, and methodologies (e.g., SIEM, SOAR, EDR, IDS/IPS, threat analysis, incident response, forensics analysis, Kill Chain, MITRE ATT&CK)
  • Excellent analytical skills, creativity, critical thinking, team player, ability to identify problems and propose solutions
  • Proficiency in written and spoken English; French and/or German is an asset