Lead Cloud Cyber Defense Analyst

Job Description

Position Overview
The Siemens DI SW Cloud Security Operations team is looking for an experienced and passionate Lead Cloud Cyber Defense Analyst to secure the next generation of DI SW software products running in the cloud. As a key cybersecurity leader within the Digital Industries Software Organization, you will have the unique opportunity to shape, build, and secure cloud infrastructure supporting SaaS product offerings from Siemens Digital Industries Software.

You will:
  • Lead a strong team of cloud cyber defense analysts in a fast-paced, start-up-like environment where agile development is embraced and innovation is encouraged.
  • At Siemens, everyone can positively impact millions of customers and you will be called on to identify and realize these opportunities.
  • Siemens is a high growth organization working on many products and software changing the world.
  • Be part of this fantastic new opportunity and inspiring culture of relentless innovation towards Ingenuity for Life.
The person in this role will be leading security operations personnel:
  • To defend cloud infrastructure hosting Siemens DI SW cloud SaaS services and applications.
  • Perform the leadership responsibilities of security incident commander while performing the best practices of security incident response.
  • This is a lead role driving successful triage of intrusion detection alerts, security incident investigations, and follow-on incident response activities of complex cloud applications.
  • The Lead Cloud Cyber Defense Analyst will lead by example while performing and delegating daily operations of monitoring cyber security alerts from multiple data sources, reviewing adversaries’ tactics, techniques, and procedures to develop use cases for attack detection, and collaborating with internal DevOps teams to further develop threat detection capabilities.
  • Additionally, the Lead Cloud Cyber Defense Analyst will lead forensic investigations to gain an understanding of attack paths exploited in successful attacks and formal damage assessments while adhering to the DI SW incident response plan/playbooks.
  • The selected candidate should have experience and understanding of multiple security platforms and layers including intrusion prevention/detection systems, log correlation/management, operating systems, AWS, and live response tooling.
  • The person in this role will be expected to lead agile scrum teams of Cloud Cyber Defense Analysts and will participate in daily scrum meetings, updating story tasks, and providing daily updates to the team.
  • A successful candidate will be a self-starter and have a wealth of experience with cyber defense tooling, cyber incident response processes and the ability to support management to achieve results while maintaining a high velocity of activity across the security program.
  • The selected candidate is expected to have experience communicating with the cybersecurity executive team.
Required Knowledge/Skills, Education, and Experience
  • Lead security monitoring teams while observing cyber security alerts and conduct initial triage activities
  • Lead security incident response and follow incident response playbooks and runbooks while driving the communication plan based on severity.
  • Lead thorough forensic investigations for successful attacks and document investigation results.
  • Assess damage incurred from cyber attacks
  • Lead postmortem analysis and continuously improve threat detection capabilities
  • Proactively provide continuous feedback to management and improve Cloud Security Operations processes, procedures, and technology
Preferred Knowledge/Skills, Education, and Experience
  • 7+ years professional experience in security monitoring/security operations center environment (SOC), investigating security events, handling incidents, threats and/or vulnerabilities
  • 3+ years operational leadership experience
  • 3+ years of experience in security incident response
  • Working knowledge of public cloud (AWS, Azure, Alibaba and/or Google Cloud) security logging and monitoring
  • Thorough understanding of enterprise detection & response, network traffic analysis and intrusion detection
  • In-depth knowledge of Windows and Linux operating system internals
  • Experience with digital forensics and malware analysis
  • Strong knowledge of SIEM platforms and use case development, experience with Splunk is a plus
  • Self-motivated with a strong desire to learn

At Siemens we are always challenging ourselves to build a better future.  We need the most innovative and diverse Digital Minds to develop tomorrow’s reality.  Find out more about the Digital world of Siemens here:

Where permitted by applicable law, Siemens may require employees to be fully vaccinated against COVID-19 based on job requirements, and in accordance with an accommodation based on legally protected reasons.


Organization: Digital Industries

Company: Siemens Industry Software Inc.

Experience Level: Experienced Professional

Full / Part time: Full-time

Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.

EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.

Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.

California Privacy Notice
California residents have the right to receive additional notices about their personal information. To learn more, click here.
