Senior Cybersecurity Incident Responder in Erlangen bei Siemens AG

Senior Cybersecurity Incident Responder (m/f/d) in Erlangen bei Siemens AG

Siemens AG

Looking for a chance to create a positive impact on our society?

Siemens CERT is a team of dedicated Security Engineers with the mission to secure Siemens’s infrastructure worldwide. The team is responsible for coordinating the response to Cyber Security incidents, conducts forensics investigations within Siemens. We also take part in strategic projects, relying on experience from more than a decade of operating in our industrial environment. Based on that know-how and the latest technological trends, it collaborates with the IT departments and partners in the businesses in Siemens to improve enterprise cybersecurity globally.

As Senior Cybersecurity Incident Responder (f/m/d) you will:

Investigate and follow through on IT security incidents in a geographically distributed environment, considering all relevant technical and non-technical collaborators during all phases of the incident.
Analyze reports about potential / suspected incidents, collect and analyze technical incident information and log data, generate reports, and ensure progress on incident tickets.
Help improving our vast internal toolset by contributing improvement ideas on functionality and new features.
Report to and advise management and other collaborators to improve and drive Siemens’ Cybersecurity posture. Doing so, you will balance level of detail and strategic insight presented on a case-by-case basis.
Build up and drive the topic area of special vulnerability handling.

To make a difference, you must have:

University degree in Information Technology, Engineering or similar
At least 5 years of relevant work experience in at least one of the following areas: Cybersecurity operations, Incident Response, IT Forensics, Penetration Testing or Vulnerability Management.
Significant technical system expertise (e.g., gathered from being an IT Administrator) with relevant exposure and expertise in IT Security, in several of the following technologies: Linux and Windows operating systems, web-technologies (encryption, HTTP, REST), networking, cloud environments.
Solid understanding of technical and organizational aspects of information security, e.g., through prior defensive or offensive work experience.
Experienced in fundamental attack concepts (terminology, tools, processes, etc.).
Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.
Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
Excellent ability to interact with both technical colleagues and non-technical staff in exceptional situations to ensure correct actions are taken and communication partners collaborate.
Advanced English and Communication skills: clear and concise communication; able to address stakeholders of different backgrounds and technical expertise.
Ability to communicate and explain complex technical topics to both management and technical specialists.
Ability to work proactively with the clear desire to become an acknowledged technical guide in your own area of expertise.
Fluent in spoken and written English, including security terminology; proficiency in German helpful.

Knowledge or experience in some of the following areas a plus:

Cloud Security expertise
Experience in conducting forensics investigations on Windows or Linux operating systems
Vulnerability Handling / Management
Creation, analysis, and management of threat intelligence
Development (Python, Django, Shell scripting)
Relevant Industry Certifications such as SANS/GIAC (e.g., GCIA, GCIH, GNFA, GCFA), CompTIA Security+ CISSP, CISA, CISM are desirable.

What´s in for you: