CSA SIEM Admin (Sentinel), AVP

Pune - Business Bay, India

Deutsche Bank

Discover Deutsche Bank, one of the world’s leading financial services providers. News and Information about the bank and its products

View all jobs at Deutsche Bank

Apply now Apply later

Job Description:

Job Title: CSA SIEM Admin (Sentinel), AVP

Location: Pune, India

Role Description

  • The COO Chief Information Security Office (CISO) is responsible for addressing information security risks to the Deutsche Bank global IT, as a Security Engineer-AVP, you will play a key technical role in our SIEM Operations team within the Global Cyber Security Engineering & Architecture organization.
  • You will serve as a technical expert for the platform engineering and provide 24x7x365 support for critical security technologies.  T
  • he role primarily entails hands on technical product design, build & support of multi SIEM platforms Microsoft Sentinel, Chronicle, Splunk.  You will be part of a global SIEM Operations Team. 

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy,

  • Best in class leave policy.
  • Gender neutral parental leaves
  • 100% reimbursement under childcare assistance benefit (gender neutral)
  • Sponsorship for Industry relevant certifications and education
  • Employee Assistance Program for you and your family members
  • Comprehensive Hospitalization Insurance for you and your dependents
  • Accident and Term life Insurance
  • Complementary Health screening for 35 yrs. and above

Your key responsibilities

  • Configure, manage, and optimize Microsoft Sentinel for efficient threat detection and response.
  • Ensure SIEM infrastructure is running optimally, including performance monitoring and issue resolution.
  • Regularly update and optimize SIEM policies, rules and configurations based on evolving threats.
  • Onboard, configure, and manage data connectors from various log sources, including cloud, on-premises, and hybrid environments.
  • Ensure log ingestion health and troubleshoot data collection issues.
  • Develop, implement, and fine-tune analytics rules, detection logic, and playbooks in Sentinel.
  • Assist SOC and incident response teams with log analysis, threat correlation, and incident investigation.
  • Reduce false positives by refining detection rules and optimizing event filtering.
  • Implement and enhance automation using Kusto Query Language (KQL), Logic Apps, and Microsoft Defender XDR integrations.
  • Maintain SIEM compliance with security policies, industry regulations (e.g., GDPR, NIST, ISO 27001), and best practices.
  • Generate reports and dashboards to provide visibility into security posture and SIEM performance.
  • Work with SOC, IT, and Cloud Security teams to enhance Sentinel capabilities.
  • Document SIEM configurations, detection use cases, and operational procedures.
  • Incident & Problem Management, Change & Release Management, Vendor Management, Capacity Management functions for the platform.
  • Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and cyber security best practices.
  • Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence.
  • Passionate about data to drive information-based security analytics.
  • Value add - Person in having experience in Cloud Management, Splunk and Chronicle.

Your skills and experience

  • The candidate must have Engineering Background in Computer Science, Information Technology, Cybersecurity or related field and a minimum of 8+ years of experience with recent experience in Security engineering, system administration, network engineering, software engineering/development with a focus on Cybersecurity.
  • 8+ years of IT engineering experience with recent experience in building and managing infrastructure and security platforms.
  • 3+ years of Experience implementing, architecting and administering SIEM platforms like Sentinel, Chronicle, Splunk for a large global organization.
  • Knowledge of Azure services and data ingestion from those services into SIEM. 
  • Familiarity with MITRE ATT&CK, cyber threat intelligence and SOC Workflows
  • Understanding of SOAR Principles
  • Hands on Experience with Microsoft Azure platform, managing various configurations to enable & manage Sentinel.
  • Experience developing in XML, Bash, Python, and PowerShell scripts.
  • DevOps Engineering experience.(Terraform, SDLC, Actions)
  • Independent, self-motivated, proactive approach to problem solving and prevention.
  • Excellent written and verbal communication skills.
  • Passionate about cyber security and the aptitude to identify and solve security problems.

How we’ll support you

  • Training and development to help you excel in your career.
  • Coaching and support from experts in your team.
  • A culture of continuous learning to aid progression.
  • A range of flexible benefits that you can tailor to suit your needs.

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  1  0
Category: Admin Jobs

Tags: Analytics Automation Azure Bash CISO Cloud Compliance Computer Science DevOps GDPR Incident response ISO 27001 Log analysis MITRE ATT&CK Monitoring NIST PowerShell Python SDLC Sentinel SIEM SOAR SOC Splunk Terraform Threat detection Threat intelligence Vendor management XDR XML

Perks/benefits: Career development Flex hours Health care Parental leave

Region: Asia/Pacific
Country: India

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.