About the company
As a leading technology company, we empower our customers to meet the great challenges of our time. Our businesses and local organizations enjoy the entrepreneurial freedom to serve their customers and markets in the best way possible, via a structure geared toward delivering ultimate value for customers.
Job description
As Cyber Threat Intelligence Specialist (f/m/d) you will:
Collect, organize, analyze, and refine information about known and emerging cyber security threats, including novel tactics, techniques, and procedures (TTPs) used by attackers to potentially target Siemens’ business or customers.
Leverage internal and external resources to enrich relevant information to deliver contextualized intel to acting teams in a timely manner.
Collaborate with Incident Response team, translating raw sensor data, reports, and other intelligence feeds into actionable intelligence to drive proactive measures and appropriately prioritize response activities.
Contribute to every step of the IoC lifecycle within the Siemens Threat Intelligence Platform (e.g. organizing input sources and feeds, manually crafting new indicators, tuning the strategies in place to label and organize relevant intel, etc.)
Help improve Siemens Threat Intelligence internal playbooks and toolset by contributing with improvement ideas about processes automation, functionalities, and new features.
What do I need to qualify for this job?
At least 5 years of relevant work experience in at least one of the following areas: Cyber security operations, Incident Response, IT Forensics, Cyber Threat Intelligence.
Experience with common threat intelligence models, tools, sources, and feeds.
Experience of most common OSINT tools and techniques, including social network monitoring and dark web networks (TOR, I2P, etc.).
Experience conducting intelligence analysis, including social network analysis, targeting, technical analysis, attribution etc.
Experience with scripting languages (e.g., Python, Bash or PowerShell) and using REST API, as well as data processing, regular expressions, and console-based text processing tools (e.g., sed, awk, jq).
Experience with Django/FastAPI, Javascript, Vue, REST APIs, OpenAPI, is a plus.
Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.
Basic knowledge of relevant laws, regulations, policies, and ethics related to cybersecurity and privacy topics.
Ability to present and explain complex technical topics to executives, management and technical experts.
Fluent in spoken and written English, including security terminology.
Relevant Industry Certifications such as SANS/GIAC (for example, GCIA, GCIH, GCTI, GNFA, GCFA), CompTIA Security+ CISSP, are desirable.
What's in it for you?
Flexible work arrangements: Smartworking
Performance-driven culture with rewards for achieving objectives and entrepreneurial spirit
A workplace that values curiosity and guarantees continuous learning
Flexible Welfare programs for you and your family
Employee Shareholding plans
You will be part of an international team, please include your CV in English.
Do you want to know more about Cybersecurity at Siemens? www.siemens.com/cybersecurity
We recognize that building a diverse workforce is essential to the success of our business. Therefore, Siemens provides equal employment opportunities to all qualified individuals without regard to race, creed, color, religion, national origin, age, gender, marital status, sexual preference, or non-disqualifying physical or mental handicap or disability.
