Security Specialist - Monitoring & Detection (f/m/d)
Prague, CZ
Deutsche Börse
Die offizielle Website der Gruppe Deutsche Börse mit Informationen zum Unternehmen und den Bereichen Investor Relations, Media, Karriere, Nachhaltigkeit und Regulierung.
Area of work:
In your new position, you will become a member of the Cyber Defense team, part of Group Security. Cyber Defense team is responsible for all aspects of Security Information and Event Management (SIEM), Computer Emergency Response (CERT), and Security Operations Center (SOC). To fully protect the information assets of DBG, Cyber Defense is aiming to achieve a proactive detection of threats and improve monitoring of DBG information assets to protect them from cyber-attacks effectively, dealing with implementation and maintenance a state-of-the-art SIEM/SOC tooling, architecture and use cases content in order to support establishing Cyber Defense as a center of excellence for threat intelligence.
In the advertised position, you will be focused on the analyzing and modelling security-related data, programming algorithms within the SIEM platform related activities with focus on the IS domains Security Incident Management, Alert & Log monitoring, Cyberthreat & Vulnerability management.
Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices.
Your responsibilities:
- Design, develop, maintain and improve the quality of SIEM related use cases across a complex technology stack of DBG, required to timely detect and mitigate attacks and malicious activities
- Participate in challenging investigation to proactively detect threats through usage of threat intelligence and threat hunting techniques to improve detection capabilities
- Collaborate closely with the different unit in Cyber Defense to guarantee effectiveness of the current detection capabilities
- Develop the automation capabilities to enrich alerts, support SOC analyst, reducing repetitive manual tasks and improve the speed of incident resolution
- Work with subject matter experts across the Group to transform the maturity of the SIEM/SOC to an industry-leading organization
- Support research projects, e.g., exploring of new cyber scenarios in emerging technologies
- Support Cyber Defense becoming more mature by helping during the resolution of security incident, assisting with audit requests or contribute with technical recommendations
Your profile:
- University or comparable degree in Computer Science, Information Security, Engineering, or related discipline
- 3+ years of experience working in the field of Cyber Security
- Experience working with SIEM platform, implementing use-cases and automation playbooks (Splunk or similar)
- Experience working with EDR platform (MDE or similar)
- Solid technical background and practical knowledge in machine learning, databases, Python and other PLs, ETL & security engineering
- Good knowledge and understanding of Cyber Security technologies, processes, and methodologies (e.g., SIEM, SOAR, EDR, IDS/IPS, threat analysis, incident response, forensics analysis, Kill Chain, MITRE ATT&CK)
- Excellent analytical skills, creativity, critical thinking, team player, ability to identify problems and propose solutions
- Proficiency in written and spoken English; French and/or German is an asset
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation CERT Computer Science Cyber defense EDR Forensics IDS Incident response IPS Machine Learning MITRE ATT&CK Monitoring Python SIEM SOAR SOC Splunk Threat intelligence Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.