As an Application Security Monitoring Specialist, you will join a highly motivated and open team in the Siemens Cyber Defense Center (CDC). You will create custom attack detection concepts for applications with especially high protection requirements operated at Siemens, in order to enhance the detection capabilities of CDC's company-wide threat detection service and to keep Siemens secure.
What would be your challenge?
- Lead and support customer projects to onboard new applications into CDC's application monitoring service.
- Derive the most relevant attacks for the applications by analyzing application architectures, workloads, purpose, protection concepts, audit findings, etc.
- Based on that, design suitable detection concepts on top of CDC’s company-wide detection service and consult the CDC SecDevOps team to implement these detection concepts.
- Tune and enhance the detection concepts to production quality (e.g. regarding detection accuracy, alert handling effort, etc.).
- Brief the CDC Security Analyst team to understand the new alert types resulting from the detection concepts and required follow-up actions.
- Work closely with customers during the projects (especially application operations and security teams) to come up with suitable detection use cases and ensure proper handling and escalation of resulting alerts that go directly to customers instead of the CDC Security Analyst team.
- Support continuous service improvement through your own initiative and collaboration with other CDC teams to enhance CDC’s detection capabilities (like the AI/Data Science team, SecDevOps team, Threat Hunting team, and Security Analyst team).
Use your skills to move forward:
- University degree (or equivalent experience) in computer science, IT security, or related fields.
- Experience with related threat detection and analysis technology like Splunk (ES/UBA), Exabeam (UEBA), Wazuh, etc.
- Solid and proven knowledge in custom threat detection and creation of application-specific threat detection concepts and detection use cases.
- Good understanding of the cyber security landscape, TTPs, and related initiatives like MITRE ATT&CK, SIGMA, OSSEM, HELK, OWASP.
- Overall experience in security monitoring/security operations center environments (SOCs) investigating security events, threat hunting, handling incidents, threats and/or vulnerabilities.
- Proficient in written and spoken English and German, good interpersonal skills, attention to detail, and experience with customer projects.
This role is open to hire in Munich, Madrid or Lisbon.
We’ve got quite a lot to offer. How about you?
Do you want to know more about Cybersecurity at Siemens? www.siemens.com/cybersecurity
As an equal-opportunity employer we are happy to consider applications from individuals with disabilities.
Company: Siemens Holding S.L.
Experience Level: Experienced Professional
Job Type: Full-time