Looking for a chance to create a positive impact on our society?
Siemens CERT is a team of dedicated Security Engineers with the mission to secure Siemens’s infrastructure worldwide. The team is responsible for coordinating the response to Cyber Security incidents within Siemens. Siemens CERT monitors the current Cyber Threat Landscape for Siemens and assesses its potential impact to the enterprise, conducts forensic investigations and assesses the security of (mobile) applications. Based on that know-how and the latest technological trends, it consults with the IT departments in Siemens to improve enterprise IT Security globally.
As Senior Cybersecurity Incident Responder (f/m/d) you will:
- Investigate and follow through on IT security incidents in a geographically distributed environment, considering all relevant technical and non-technical stakeholders during all phases of the incident.
- Analyze reports about potential / suspected incidents, collect and analyze technical incident information and log data, generate reports, and ensure progress on incident tickets.
- Help improving our vast internal toolset by contributing improvement ideas on functionality and new features.
- Report to and advise management and other stakeholders to improve and drive Siemens’ Cybersecurity posture. Doing so, you will balance level of detail and strategic insight presented on a case-by-case basis.
- Build up and drive the topic area of special vulnerability handling.
To make a difference, you must have:
- At least 5 years of relevant work experience in at least one of the following areas: Cybersecurity operations, Incident Response, IT Forensics, Penetration Testing or Vulnerability Management.
- Significant technical system expertise (e.g., gathered from being an IT Administrator) with relevant exposure and expertise in IT Security, in several of the following technologies: Linux and Windows operating systems, web-technologies (encryption, HTTP, REST), networking, cloud environments.
- Expert working knowledge of technical and organizational aspects of information security, e.g., through prior defensive or offensive work experience.
- Expert knowledge of fundamental attack concepts (terminology, tools, processes, etc.).
- Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.
- Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
- Excellent ability to interact with both technical experts and non-technical staff in exceptional situations to ensure correct actions are taken and communication partners collaborate.
- Advanced English and Communication skills: clear and concise communication; able to address stakeholders of different backgrounds and technical expertise.
- Ability to present and explain complex technical topics to both management and technical experts.
- Ability to work in a self-guided and result-oriented fashion with the clear desire to become an acknowledged technical expert in your own area of expertise.Fluent in spoken and written English, including security terminology; proficiency in German a big plus.
Knowledge or experience in some of the following areas a plus:
- Cloud Security expertise
- Experience in conducting forensics investigations on Windows or Linux operating systems
- Vulnerability Handling / Management
- Creation, analysis, and management of threat intelligence
- Development (Python, Django, Shell scripting)
- Relevant Industry Certifications such as SANS/GIAC (e.g., GCIA, GCIH, GNFA, GCFA), CompTIA Security+ CISSP, CISA, CISM are desirable.
Do you want to know more about Cybersecurity at Siemens? www.siemens.com/cybersecurity
www.siemens.com/careers/digitalminds - if you would like to find out more about Digital Minds at Siemens.
As an equal-opportunity employer we are happy to consider applications from individuals with disabilities.
#CTCYS #cybersecurity #LI-DL #DEF-EU1-3A
Company: Siemens AG
Experience Level: Experienced Professional
Job Type: Full-time