About the role
As part of the Cybersecurity Operations team, you will help secure the intellectual property and other digital assets of the Digital Industries Software (DI SW) division of Siemens against cybersecurity threats. You will join a cyber-focused team that handles the holistic landscape of protecting a software research and development business.
What are my responsibilities?
As a Security Analyst, you will
Monitor and review notable events in Splunk Enterprise Security dashboards
Investigate alerts for relevance, severity, and impact and escalate incidents for further investigation
Assist in developing and updating runbooks and detection rules
Resolve false positives and communicate effectively with stakeholders
Provide user communication and outreach
Develop dashboards for visualizing data
To do this, on a daily basis, you will work with:
Splunk, and the Splunk Enterprise Security module
MS Teams, Outlook, and other collaboration & communication tools
ServiceNow service desk
Endpoint Detection and Response (EDR) tools such as Tanium, Carbon Black, MDE, or CrowdStrike
Vulnerability management tools such as Qualys, Tanium, etc.
Network traffic logs
Next-Gen Antivirus logs such as Trend, MS Defender, etc.
Windows and Linux clients/servers, their log files, and your knowledge
What do I need to qualify for this job?
A well-qualified candidate has
B.S. or equivalent degree, focused on cybersecurity, or equivalent knowledge
3+ years’ experience in cybersecurity or in IT operations with security focus
CISSP, GIAC certifications such as GSEC, GMON, etc. and/or Splunk certifications preferred
Ability to work both independently and in a global team setting
Outstanding analytical, problem solving, and planning skills
Strong attention to detail
Creative thinking and innovation skills to bring new approaches to the team
Excitement to learn and a curious mindset
May have knowledge or experience in some of the following areas:
In addition to being familiar with the tools above, some other topics you can bring to our team include
OpenStack, Kubernetes, or other grid computing technologies
AWS and/or Azure cloud security knowledge
DevOps or DevSecOps experience for creating the tools our team uses
Scripting in PowerShell and/or Python
Configuration Management in Ansible, Puppet, PowerShell, or MS Endpoint Configuration Manager
Data analytics and reporting tools: R, NumPy, MS Power BI, Tableau