Siemens Cybersecurity Defense is a global organization within Siemens consisting of regionally aligned teams across Germany, Portugal, Spain, Switzerland, the United States, Mexico, and China. The mission of the organization is to proactively identify anomalies and to respond to and remediate cybersecurity issues related to Operational Technology (OT) and Siemens products.
The Cyber Defense Center (CDC) offers security monitoring and threat detection services. The main objective of the CDC is to keep Siemens protected by preventing the materialization of threats and minimizing any adverse reputational and financial impact. The CDC portfolio enables identification of and initial response to a range of threat actors, from commodity threat actors to nation-state-backed actors.
As the frontline resource for monitoring, detecting, alerting, hunting, and responding to threat actors, the CDC provides deep expertise in defending against a wide range of threat actor tactics, techniques, and procedures.
What are my responsibilities?
Operate distributed Linux-based application servers in a high-security environment. This includes general system administration tasks, patching, hardening, monitoring, automation etc.
Operate a cloud environment. This includes automation, monitoring, improvement.
Maintain a next-generation log collection and Big Data Analytics framework
Build / integrate automation tools to deploy and monitor cyber defense use cases.
Operate and implement new functionalities through REST APIs
Operate and develop Threat Intelligence feeds
Support troubleshooting activities
What do I need to qualify for this job?
BS/BA in related discipline, or advanced degree, or equivalent combination of education and experience.
Typically, 1-2 years of work experience and experience in a related field is preferred, but not required. Successful demonstration or potential to perform key responsibilities as presented above. Advanced degree may be substituted for experience, where applicable.
UNIX/LINUX system administration, configuration, troubleshooting, scripting
Relevant certifications may be of advantage: e.g., RedHat, Linux Academy
Background in information security is of advantage
Demonstrated ability to learn in a fast-paced environment
German and English written and verbal communication skills are a must
Other languages are a plus
May have knowledge or experience in some of the following areas:
Experience with infrastructure management & automation tools such as Ansible, Chef, Puppet
Scripting skills - Required: Bash, Python. Optional: Perl, PowerShell
PostgreSQL, MySQL, ELK, Syslog-NG, JIRA/Confluence, VMware, Kafka, Flink, Git, virtualization and container technologies
Essential networking concepts (OSI, switching/routing, IP/TCP/UDP/ICMP), technologies (firewalls, proxies, VPN, DNS, IDS) and tools (Wireshark, tcpdump)
Central log collection, indexes, searching and analysis
Interpret event logs in the context of security events/intrusions and make accurate conclusions
Make your mark in our exciting world at Siemens.
As an equal-opportunity employer we are happy to consider .
Company: Siemens AG
Experience Level: Mid-level Professional
Full / Part time: Full-time