Koho hledáme
- Bachelor's degree in Computer Science or a related field; Master's degree in Cybersecurity is highly desirable.
- Relevant industry certifications such as SANS GIAC Cloud Security Automation (GCSA), Splunk certifications (Core User, Power User, Admin, Architect), and AWS Certified Security - Specialty are a plus.
- Proven experience as a SIEM Engineer or Architect in complex enterprise environments.
- Extensive experience with SIEM platforms (e.g., Splunk and Elastic).
- Demonstrated experience in cloud security architecture and deployment, particularly in AWS and Azure.
- Strong background in incident response and mitigation.
- Experience with log analysis, threat hunting, and detection rule creation.
- Hands-on experience with automation tools, Infrastructure as Code, and CI/CD pipelines.
- Experience with SOAR platforms and developing automation playbooks.
- Familiarity with penetration testing methodologies and tools.
- Experience with vulnerability management tools.
- Proficiency in scripting languages (e.g., Python, BASH, and PowerShell) for automation and integration.
- Strong understanding of networking protocols, firewall configurations, and IDS/IPS systems.
- Knowledge of various security tools (e.g., Wireshark, Metasploit, Nmap, Burp Suite, ZAP).
- Familiarity with security frameworks and methodologies (e.g., OWASP and MITRE ATT&CK).
- Experience with git-based version control systems (e.g., GitHub and Gitlab)
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
- Ability to work independently and manage multiple priorities in a fast-paced environment.
- Strong commitment to continuous learning and professional development.
Co budeš dělat
- Design, implement, and maintain the organization's SIEM platform, ensuring its scalability, reliability, and optimal performance.
- Administer and manage the underlying SIEM infrastructure that is deployed in AWS.
- Architect multi-cloud and multi-regional SIEM solutions.
- Perform SIEM deployments and upgrades.
- Onboard new data sources into the SIEM, ensuring proper parsing, normalization, and enrichment.
- Develop and implement automation for data ingestion processes and integration with third-party systems.
- Create custom integrations for the SIEM
- Develop, implement, and fine-tune threat detection rules, correlation searches, and alerts.
- Conduct in-depth log analysis to identify potential security issues.
- Assist the SOC with incident response and mitigation.
- Analyze security issues and policy violations to determine root cause.
- Create and update dashboards, reports, and visualizations to provide actionable security intelligence to multiple stakeholders.
- Develop data models for reporting and analysis.
- Implement automation for security operations tasks, including playbooks for incident response and remediation (SOAR).
- Utilize CI/CD pipelines and infrastructure as code (IaC) for security infrastructure deployment.
- Develop process automation using scripting (e.g., Python and Bash).
- Act as a multi-cloud security architect, focusing on hardening cloud services and deploying secure cloud infrastructure.
- Conduct threat modeling sessions for cloud-based systems.
- Integrate cloud infrastructure with various 3rd party services.
- Participate in internal and external audits as well as remediate findings.
- Perform regular security assessments to satisfy security and compliance requirements
- Ensure compliance with various standard (e.g., ISO27001 and SOC2 Type 2).
- Stay current with emerging threats, vulnerabilities, and security technologies.
- Participate in security workshops and training sessions.
O pozici
Siemens, a leading software organization, is seeking a highly skilled and motivated Senior Security Information and Event Management (SIEM) Engineer to join our dynamic and innovative team. As a company committed to harnessing the power of cloud technologies on our SaaS journey, we are seeking an experienced professional to ensure the security and integrity of the cloud-based systems that we support.
Benefity
- This role is eligible to earn incentive compensation (10-15%). The actual compensation offered is based on the successful candidate’s job-related skills, experience, and relevant education/training. Siemens offers health and wellness benefits to employees (https://jobs.sw.siemens.com/benefits/).