Siemens Cybersecurity Defense is a global organization within Siemens consisting of regionally aligned teams across Germany, Portugal, Spain, the United States, Mexico, and China. The mission of the organization is to proactively identify anomalies and to respond to and remediate cybersecurity issues related to IT infrastructure, Operational Technology (OT), and products of Siemens.
The Cyber Defense Center offers security monitoring and threat detection services. The main objective of the CDC is to attempt to keep Siemens protected by preventing the materialization of threats and minimizing any adverse reputational and financial impact. The CDC portfolio enables identification and initial response to a range of threat actors, from commodities to nation state-backed actors.
As the frontline resource for monitoring, detecting, alerting, hunting, and responding to threat actors, the CDC provides deep expertise in defending against a wide range of threat actor tactics, techniques, and procedures.
What are my responsibilities?
- Operate distributed Linux-based application servers in a high-security environment. This includes general system administration tasks, patching, hardening, monitoring, automation, etc.
- Operate a cloud environment. This includes automation, monitoring, and improvement.
- Maintain a next-generation log collection and Big Data Analytics framework
- Build / integrate automation tools to deploy and monitor cyber defense use cases.
- Operate and implement new functionalities through REST APIs
- Operate and develop Threat Intelligence feeds
- Support troubleshooting activities
What do I need to qualify for this job?
- BS/BA in related discipline, or advanced degree, or equivalent combination of education and experience.
- Typically 1-2 years of work experience and experience in a related field is preferred, but not required. Successful demonstration or potential to perform key responsibilities as presented above. Advanced degree may be substituted for experience, where applicable.
- UNIX/LINUX system administration, configuration, troubleshooting, scripting
- Relevant certifications may be an advantage, e.g. AWS Certified Solution Architect, RedHat, Linux Academy
- Background in information security is an advantage
- Demonstrated ability to learn in a fast-paced environment
- English written and verbal communication skills
May have knowledge or experience in some of the following areas:
- Scripting skills – Required: Bash, Python. Optional: Perl, PowerShell
- PostgreSQL, MySQL, ELK, Syslog-NG, JIRA/Confluence, VMware, Kafka, Flink, Git, virtualization and container technologies
- Essential networking concepts (OSI, switching/routing, IP/TCP/UDP/ICMP), technologies (Firewalls, proxies, VPN, DNS, IDS) and tools (Wireshark, tcpdump)
- Central log collection, indexes, searching and analysis
- Experience with infrastructure management & automation tools such as Ansible, Chef, Puppet
- Interpret event logs in the context of security events/intrusions and make accurate conclusions
Company: Siemens, S.A. de C.V.
Experience Level: Experienced Professional
Full / Part time: Full-time