Information Security Specialist
Bucharest
Deutsche Bank
Job Description:
Integrated in Deutsche Bank’s Chief Security Office (CSO), the Information Security Threat Operations team is responsible for mitigating these risks. The Information Security Threat Operations team enables the business of Deutsche Bank by providing agile security operational capabilities.
You will be responsible for the full range of tasks associated with the detection of cyber threats in a fast-paced environment, covering both on-prem and cloud workloads at Deutsche Bank and using both cloud-based and on-prem managed SIEM/SOAR solutions. Our Operations team is focused on helping develop Deutsche Bank’s new architecture, platforms/systems, and organizational and operational processes to allow for the detection of cyber threats. Once these are established, the focus will shift more strongly toward developing detections for new threats and performing threat hunting while incorporating change in an evergreen environment.
This will involve maintaining a close dialogue with various units and stakeholders for the purpose of detecting and assessing potential risks to critical business infrastructure and services.
Responsibilities:
- You will be expected to be able to identify areas for improvement and take accountability to drive security topics forward within and outside the team;
- In this role, you will also contribute to the development of Security Information and Event Management (SIEM) content, including detection use cases, automation playbooks, reports, network and asset model management, dashboards, rules/logic, documentation, and process establishment;
- Collaborate with other security specialists and experts to support the architecture, design and implementation of services and processes to support our mission of detecting cyber threats;
- Work in close cooperation with Cyber Intelligence, Incident Response, and the Security Operations Centre for the purpose of extending and strengthening the division’s capabilities relating to threat analytics;
- This will include managing and overseeing a range of sophisticated tools and services aimed at detecting cyber threats/incidents and responding to them in a determined manner;
- Define RFP (Request for Proposal) and SOW (Statement of Work) requirements and be actively involved in the procurement process for both security solutions, in the threat detection realm, and MSSP (Managed Security Service Provider) services, in order to fulfill the team’s mission to protect the bank.
Skills
- At least 2 years of experience in developing, modifying, enhancing, and fine-tuning detection and alerting/threat hunting use cases in any type of SIEM solution (Splunk, LogRhythm, QRadar), or at least 1 year of experience working with cloud-based SIEM solutions (Sentinel, Chronicle).
- Experience with industry-known detection query languages: KQL, Sigma, YARA, YARA-L, SPL, etc.
- Familiarity with Cyber Security Incident Response or computer forensic processes, or a strong interest and capability to learn the fundamentals of security operations within a short time.
- Experience of automating smaller tasks in a short amount of time, e.g., with scripting languages such as Azure CLI, PowerShell, Go, Python, etc.
- Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development/Application Security, data protection, cryptography, key management, identity and access management, network security) within SaaS, IaaS, PaaS, and other cloud environments.
- At least 3 years’ work experience in one of the following fields: Encryption, IAM (Identity & Access Management), Security Monitoring & Incident Response, Network Security, Pen Testing, Security Operation, Application Security.
- Bachelor’s or Master’s degree from an accredited college or university with a focus on cloud and network technology, software development, or IT security.
- Certifications such as CompTIA Security+, CCNA, Splunk Power User, CISSP
- Any relevant Cyber Security Certifications
Well-being & Benefits
- A healthy, engaged, and well-supported workforce are better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That’s why we are committed to providing an environment with your development and wellbeing at its center.
- Competitive salary
- 24 days’ holiday + loyalty days + bank holidays (weekdays offered for bank holidays on weekend days)
- Flexible working hours and working from home.
- Private healthcare and life insurance
- A culture of continuous learning with coaching and support from experts in your team
We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.
We welcome applications from all people and promote a positive, fair and inclusive work environment.
Tags: Agile Analytics Application security Automation Azure CISSP Cloud CompTIA Cryptography Encryption IaaS IAM Incident response LogRhythm Monitoring Network security PaaS Pentesting PowerShell Python QRadar RFPs SaaS Scripting Sentinel SIEM SOAR Splunk Threat detection
Perks/benefits: Career development Competitive pay Flex hours