OT Security Monitoring Specialist (m/f/d)
As an OT Security Monitoring Specialist you will join a highly motivated and open team in the Siemens Cyber Defense Center (CDC) to create custom OT attack detection concepts for customer specific production plant environments with high protection requirements in order to enhance the detection capabilities of CDC's company-wide threat detection service and to keep Siemens secure. In addition, you will lead related customer projects and service enhancement activities in coordination with all service stakeholders.
What will be your challenge?
- Lead and support customer projects to onboard new production plants into CDC's OT Anomaly Detection and Security Monitoring service.
- Derive the most relevant attacks for a customer-specific OT environment by analyzing factory architectures, production processes, network infrastructure, protection concepts, audit findings, etc.
- Based on that, design suitable detection concepts on top of CDC's company-wide detection service and consult the CDC SecDevOps team to implement these detection concepts
- Tune and enhance the detection concepts to production quality (e.g. regarding detection accuracy, alert handling effort, etc.)
- Brief the CDC Security Analyst team to understand the new alert types resulting from the detection concepts and required follow-up actions
- Work closely together with customers during the design and deployment projects and during service operation to come up with suitable detection use cases and ensure proper handling and escalation of resulting alerts
- Support continuous service improvement through own initiative and collaboration with other CDC teams (like the AI/Data Science team, SecDevOps team, Threat Hunting team, and Security Analyst team) to enhance CDC's detection capabilities
- Solid and proven knowledge of typical highly automated OT environments (Purdue Model) to identify possible security risks and to design and develop custom threat detection to mitigate these risks
- Solid and proven knowledge of production automation products like SCADA, HMI and PLC products and their corresponding communication protocols like PROFINET, MODBUS, SIMATIC S7/M7 and programming/configuration solutions like WinCC and STEP7
- Good understanding of ISO 62443 requirements, cyber security landscapes, TTPs, and related initiatives like MITRE ATT&CK, SIGMA, OSSEM, HELK, OWASP
- Overall experience in security monitoring/security operations center environments (SOCs) investigating security events, threat hunting, handling incidents, threats and/or vulnerabilities
- Proficient in written and spoken English, good interpersonal skills, attention to detail, and experience with customer projects
- University degree (or equivalent experience) in computer science, IT security,
Do you want to know more about Cybersecurity at Siemens? www.siemens.com/cybersecurity
www.siemens.com/careers/digitalminds - if you would like to find out more about Digital Minds at Siemens.
Diversity at Siemens is our source of creativity and innovation. Having different types of talent and experience makes us more competitive and better able to respond successfully to society's demands. That's why we value candidates who reflect the diversity we enjoy in our company.
#LI-DL #CTCYS #Cybersecurity #ciberseguridad DEF-EU2-16
Company: Siemens Holding S.L.
Experience Level: Mid-level Professional
Job Type: Full-time