Siemens Cybersecurity Defense is a global organization within Siemens consisting of regionally aligned teams across Germany, Portugal, Spain, United States, Mexico, and China. The mission of the organization is to proactively identify anomalies, respond and remediate Cybersecurity issues related to IT infrastructure, Operational Technology (OT), and products of Siemens.
The Cyber Defense Center offers security monitoring and threat detection services. The main objective of the CDC is to attempt to keep Siemens protected by preventing the materialization of threats and minimizing any adverse reputational and financial impact. The CDC portfolio enables identification and initial response to a range of threat actors, from commodities to nation state-backed actors.
As the frontline resource for monitoring, detecting, alerting, hunting, and responding to threat actors – the CDC provides deep expertise in defending against a wide range of threat actor tactics, techniques, and procedures.
As a Threat Detection Specialist for Application Security Monitoring, you will join a highly motivated, global, and open team in the Siemens Cyber Defense Center (CDC) that provides a company-wide Threat Detection service with multiple 100,000 connected assets. You will play a key role to implement and continuously enhance detection for the most critical applications and environments in Siemens, which require significantly extended detection compared to standard assets.
What are my responsibilities?
- Collaborate with different defense teams (like Security Analysts, Threat Hunting, Incident Response, Data Science, SecDevOps, Threat Intelligence etc) to create high quality Threat Detection for IT applications and application logs
- Identify and onboard relevant log sources and detection components
- Tune detection and automate workflows to improve efficiency
- Stay up to date with the latest attack and detection techniques to continuously enhance detection
- Support strategic service planning to ensure the best-suiting detection technologies and solutions are in place
What do I need to qualify for this job?
- Solid and proven knowledge in creating threat detection, especially for highly critical applications and environments
- Experience with related threat detection and analysis technology (like SIEMs, SOAR solutions, EDRs etc)
- Experience with log source onboarding and definition (optimally including Grok)
- Experience with at least one common programming languages like Python or Java
- University degree (or equivalent experience) in computer science, IT security, or related fields
- Proficient in written and spoken English combined with good interpersonal skills and attention to detail.
Company: Siemens, S.A. de C.V.
Experience Level: Experienced Professional
Job Type: Full-time