As part of the Intellectual Property Protection Operations (IPP OPS)/Cybersecurity team, you will help to secure the IP and other digital assets of the Digital Industries Software (DI SW) division of Siemens. You will join a cyber-focused team that handles the holistic landscape of protecting a software development business.
What are my responsibilities?
As a Senior Cybersecurity Analyst, you will:
- Investigate and follow through on IT security incidents in a geographically distributed environment, considering all relevant technical and non-technical stakeholders during all phases of the incident.
- Analyze reports about potential / suspected incidents, collect and analyze technical incident information and log data, investigate, generate reports, and ensure progress on incident tickets.
- Investigate SIEM alerts/events for relevance, severity, and impact and escalate incidents for further investigation or remediation.
- Provide input and guidance for developing and updating runbooks and detection rules.
- 5+ years of relevant work experience in at least one of the following areas: Cybersecurity operations, Incident Response, Threat Intelligence, Threat Hunting and Digital Forensics.
- Technical system expertise (e.g., gathered from being an IT Administrator) with relevant exposure and expertise in IT Security, in several of the following technologies: Linux and Windows operating systems, web-technologies (encryption, HTTP, REST), networking, cloud environments.
- Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.
- Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
- Experience securing public cloud and SaaS offerings (AWS, Google, Azure)
- Experience in the following technologies - SIEMs, WAFs, IDS/IPS, anti-malware, EDR, SOAR, secure cloud access, vulnerability scanning platforms, DLP, private cloud, and open-source security frameworks.
- Experience in campaign monitoring and actor profiling of threat actors or groups with a direct or indirect impact on the Siemens DISW brand and/or broader industry.
- Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.
- Experience contributing to risk assessments and mitigation strategies for identified threats.
- Programming and scripting skills would ideally include one or more of the following: C#, Python, Ruby, PowerShell or Bash.
- Experience with correlating events to the MITRE framework and the Cyber Kill Chain
- Familiarity with automation and CI/CD pipelines using various tools like GitHub, Bitbucket, etc.
- Understanding / proficiency in applications, containerization, APIs, web services
- Experience in conducting forensics investigations on Windows or Linux operating systems.
- Vulnerability Handling / Management
- Open Stack, Kubernetes, or other grid computing technologies.
- DEVOPS or DEVSECOPS experience for creating the tools our team uses.
- Configuration Management in Ansible, Puppet, PowerShell, or MS Endpoint Configuration Manager.
- Data analytics and reporting tools: R, NumPy, MS Power BI, Tableau
- Experience with common ticketing systems
- B.S. or equivalent degree, focused on cybersecurity, or equivalent knowledge.
- 5+ years’ experience in IT security operations.
- Ability to work both independently as well as in a global team setting.
- Outstanding analytical, problem solving, and planning skills.
- Strong attention to detail.
- Creative thinking and innovation skills to bring new approaches to the team.
- Excitement to learn and a curious mindset.
- Business level English.
- Knowledge of the intelligence cycle and cyber threat intelligence-relevant frameworks (e.g. cyber kill chain, diamond model, pyramid of pain, MITRE ATT&CK, etc.).
- Understanding of the tactics, techniques, and procedures (TTPs) employed by relevant cyber threat groups, which are tracked by various vendors.
- Results oriented with an ability to self-start, work independently, and address multiple competing priorities.
- Strong analytic and problem-solving skills with the ability to interpret large volumes of data.
- Relevant industry certifications such as SANS/GIAC (e.g., GCIA, GCIH, GNFA, GCFA), AWS, CompTIA Security+, CISSP, CISA, CISM are desirable.
The salary range for this position is $95,800 to $172,400 and this role is eligible to earn incentive compensation. The actual compensation offered is based on the successful candidate’s work location as well as additional factors, including job-related skills, experience, and relevant education/training. Siemens offers a variety of health and wellness benefits to employees. Details regarding our benefits can be found here: www.benefitsquickstart.com. In addition, this position is eligible for time off in accordance with Company policies, including paid sick leave, paid parental leave, PTO (for non-exempt employees) or non-accrued flexible vacation (for exempt employees).
At Siemens we are always challenging ourselves to build a better future. We need the most innovative and diverse Digital Minds to develop tomorrow’s reality. Find out more about the Digital world of Siemens here: www.siemens.com/careers/digitalminds
#SWSaaS (SaaS Transformation Posting)
Organization: Digital Industries
Company: Siemens Industry Software Inc.
Experience Level: Experienced Professional
Full / Part time: Full-time
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision.
California Privacy Notice
California residents have the right to receive additional notices about their personal information.