OT Security Monitoring Specialist (m/f/d)

Job Description

Looking for a chance to create a positive impact on our society?

The OT Security Monitoring team is a highly motivated and open team in the Siemens Cyber Defense Center (CDC). It creates custom OT attack detection concepts for customer-specific production plant environments with high protection requirements, in order to enhance the detection capabilities of CDC's company-wide threat detection service and to keep Siemens secure. In addition, you will lead related customer projects and service enhancement activities in coordination with all service stakeholders.

As an OT Security Monitoring Specialist, you will:
  • Lead and support customer projects to onboard new production plants into CDC's OT Anomaly Detection and Security Monitoring service.
  • Derive the most relevant attacks for a customer-specific OT environment by analyzing factory architectures, production processes, network infrastructure, protection concepts, audit findings, etc.
  • Based on that, design suitable detection concepts on top of CDC’s company-wide detection service and consult the CDC SecDevOps team to implement these detection concepts
  • Tune and enhance the detection concepts to production quality (e.g. regarding detection accuracy, alert handling effort, etc.)
  • Brief the CDC Security Analyst team to understand the new alert types resulting from the detection concepts and required follow-up actions
  • Work closely with customers during the design and deployment projects and during service operation to come up with suitable detection use cases and ensure proper handling and escalation of resulting alerts
  • Support continuous service improvement through your own initiative and collaboration with other CDC teams to enhance CDC’s detection capabilities (like the AI/Data Science team, SecDevOps team, Threat Hunting team, and Security Analyst team)

To make a difference, you must have:
  • Solid and proven knowledge of typical highly automated OT environments (Purdue Model) to identify possible security risks and to design and develop custom threat detection to mitigate these risks
  • Solid and confirmed knowledge of production automation products like SCADA, HMI and PLC products and their corresponding communication protocols like PROFINET, MODBUS, SIMATIC S7/M7 and programming/configuration solutions like WinCC and STEP7
  • Good understanding of ISO 62443 requirements, cyber security landscapes, TTPs, and related initiatives like MITRE ATT&CK, SIGMA, OSSEM, HELK, OWASP
  • Overall experience in security monitoring/security operations center environments (SOCs) investigating security events, threat hunting, handling incidents, threats and/or vulnerabilities
  • Proficiency in written and spoken English, good interpersonal skills, attention to detail, and experience with customer projects
  • University degree (or equivalent experience) in computer science, IT security, or related fields

Please include a CV in English so that it can be reviewed.

Securing the Future Enterprise Today

Whether in the field of Industry, Smart Infrastructure or Energy: Digitalization is simplifying many facets of life. Therefore, we need to handle the associated risks caused by cybercriminals.

“Making an impact that matters”, that’s the motto we live by. We at Siemens are continuously pushing the boundaries of sectors such as the Internet of Things (IoT), big data analytics, artificial intelligence (AI) and cloud technologies. However, with such digital innovations come unexpected security challenges and vulnerabilities, thus growing the risk of cyberattacks.

We’re looking for forward-thinking, results-oriented game-changers like you to join our team of specialists. Together, let’s build groundbreaking security solutions and infrastructures that protect our data and the digital assets of our customers. Help us seek tomorrow’s challenges today!

Join us! Together we can make our digital world more secure.

We’ve got quite a lot to offer. How about you?

Do you want to know more about Cybersecurity at Siemens?

Curious about our Cybersecurity hubs? The Siemens Lisbon Tech Hub has more than 1000 digital minds, including the Cybersecurity team, making it one of the largest in Europe.

Diversity at Siemens is our source of creativity and innovation. Having various types of talent and experience makes us more driven and better able to respond successfully to society's demands. That's why we value candidates who reflect the diversity we enjoy in our Company.

Organization: Cybersecurity

Company: Siemens S.A.

Experience Level: Experienced Professional

Job Type: Full-time
