CSA SIEM Engineer (Chronicle), AVP​

Job Description:

Job Title: CSA SIEM Engineer (Chronicle), AVP​

Location: Pune, India

Role Description

The COO Chief Information Security Office (CISO) is responsible for addressing information security risks to the Deutsche Bank global IT, as a Security Engineer-AVP, you will play a key technical role in our SIEM Engineering team within the Global Cyber Security Engineering & Architecture organization. You will serve as a technical expert for the platform engineering and provide 24x7x365 support for critical security technologies.  The role primarily entails hands on technical product design, build & support of platforms like Chronicle, Splunk Enterprise, Splunk Phantom, Splunk Enterprise Security, ArcSight, Confluence, database custom applications.  You will be part of a global SIEM Engineering team. 

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Engineer, implement & support SIEM platform (Chronicle)
• Terraform developer is a highly skilled individual who can efficiently code for building and versioning infrastructure against multi-cloud.
• Incident & Problem Management, Change & Release Management, Vendor Management, Capacity Management functions for the platform
• Provide production support for the platform as part of the team to ensure smooth operations, system function & system health
• Proficiency developing log ingestion and aggregation strategies
• On-board new data sources into Chronicle, analyze the data for anomalies and trends and build dashboards highlighting the key trends of the data.
• Contribute to product architecture, engineering & roadmap for the multi SIEM platform
• Develop security-focused content for Chronicle, including creation of complex threat detection logic and operational dashboards
• Work with cross-functional teams to proactively improve on existing integration automation/workflows.
• Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and cyber security best practices.
• Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence.
• Passionate about data to drive information-based security analytics
• Manage backend functionalities for Chronicle
• Work with end users to understand and define the requirements
• Recommend GCP best practices for implementation
• Create Operational Documents for process

Your skills and experience

The candidate must have Degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and a minimum of 10+ years of experience in with recent experience in Security engineering, system administration, network engineering, software engineering/development with a focus on Cybersecurity.

• 8+ years of IT engineering experience with recent experience in building and managing infrastructure and security platforms
• 5+ years of Experience implementing, architecting and administering SIEM platforms like Chronicle, Splunk, ArcSight, Qradar etc., for a large global organization
• Knowledge of GCP services and data ingestion from those services into SIEM. 
• Experience developing in XML, Bash, Python, and PowerShell scripts
• Experience with automation platforms such as Ansible
• Nice to have DevOps Engineering experience
• Independent, self-motivated, proactive approach to problem solving and prevention.
• Excellent written and verbal communication skills.
• Passionate about cyber security and the aptitude to identify and solve security problems.
• Hands on Experience with GCP platform, managing various configurations to enable & manage Chronicle
• Understand SIEM technologies

How we’ll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm

Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.

We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.

Visit Inside Deutsche Bank to discover more about the culture of Deutsche Bank including Diversity, Equity & Inclusion, Leadership, Learning, Future of Work and more besides.