As an Application Security Monitoring Specialist you will join a highly motivated and open team in the Siemens Cyber Defense Center (CDC). You will create custom attack detection concepts for applications with especially high protection requirements operated at Siemens, in order to enhance the detection capabilities of the CDC's company-wide threat detection service and to keep Siemens secure.
What are my responsibilities?
- Lead and support customer projects to onboard new applications into CDC's application monitoring service.
- Derive the most relevant attacks for the applications by analyzing application architectures, workloads, purpose, protection concepts, audit findings etc.
- Based on that analysis, design suitable detection concepts on top of CDC's company-wide detection service and advise the CDC SecDevOps team on implementing them.
- Tune and enhance the detection concepts to production quality (e.g. detection accuracy, alert-handling effort).
- Brief the CDC Security Analyst team to understand the new alert types resulting from the detection concepts and required follow-up actions.
- Work closely with customers during the projects (especially application operations and security teams) to define suitable detection use cases and ensure proper handling and escalation of the resulting alerts that go directly to customers instead of the CDC Security Analyst team.
- Support continuous service improvement through your own initiative and collaboration with other CDC teams (such as the AI/Data Science team, SecDevOps team, Threat Hunting team, and Security Analyst team) to enhance CDC's detection capabilities.
What do I need to qualify for this job?
- University degree (or equivalent experience) in computer science, IT security, or related fields.
- Experience with related threat detection and analysis technology such as Splunk (ES/UBA), Exabeam (UEBA), Wazuh, etc.
- Solid and proven knowledge in custom threat detection and creation of application-specific threat detection concepts and detection use cases.
- Good understanding of the cyber security landscape, TTPs, and related initiatives like MITRE ATT&CK, SIGMA, OSSEM, HELK, OWASP.
- Overall experience in security monitoring/security operations center environments (SOCs) investigating security events, threat hunting, handling incidents, threats and/or vulnerabilities.
- Proficient in written and spoken English, good interpersonal skills, attention to detail, and experience with customer projects.
Diversity at Siemens is our source of creativity and innovation. Having different types of talent and experience makes us more competitive and better able to respond successfully to society's demands. That's why we value candidates who reflect the diversity we enjoy in Siemens.
Curious about our Cybersecurity hubs? The Siemens Lisbon Tech Hub has more than 700 employees with the Corporate Technology Cybersecurity team, making it one of the largest in Europe - check it out: https://www.siemens.com/pt/en/home/company/hr/jobs/lisbontechhub.html
#CTCYS #cybersecurity #ciberseguridad #ITMakesUsMove #LxTechHub #LI-DL #digitalminds
Company: Siemens Holding S.L.
Experience Level: Experienced Professional
Job Type: Full-time