Join our international team that drives positive change, united by a spirit of openness and curiosity. We empower you to have an impact and to grow – personally and professionally. With us, you work at the heart of financial systems and evolve the way markets operate. We’re excited about the future because we are the ones shaping it. Let´s do this together by sharing value!
Cyber Security SIEM Engineer - Group Security (f/m/d)
Deutsche Börse Branch Prague • Prague
Learn. Develop. Grow. But always: Share value
Who we are
Tracing its origins to 1585, Deutsche Börse Group has become one of the world’s leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets. What’s your part in all this? With your commitment you contribute to the success of our unique business model: offering a wide range of products, services and technologies for security, transparency and integrity on the markets. By creating trust in the markets of today and tomorrow we foster growth and contribute to the prosperity of future generations.
Your career at Deutsche Börse Group
Your area of work:
As part of the Cyber Protection – Detect & Prevent unit, you will be working in a team of engineers distributed between three locations, Eschborn, Luxembourg and Prague. Your time will be divided between managing and supporting the systems related to the Security Information Event Management (SIEM). In addition to SIEM, the team provides top-level service for malware detection, Database Activity Monitoring (DAM), Host/Network Intrusion (IDS/IPS) and Web Application Firewall (WAF).
- Operate the company’s SIEM infrastructure (Splunk)
- Monitoring and capacity planning of the SIEM infrastructure
- Maintenance and upgrades of the SIEM software (Splunk)
- Onboarding of logs from different sources (OS, DBMS, middleware and application layer) and reporting
- Development of Apps/TA´s and/or parsers
- Troubleshoot issues with log sources or systems with vendors and stakeholders
- Document and update the SIEM engineering processes, logging/ingestion procedures and other related documents
- Provide effective support service for implemented security controls
- Participate in the on-call rotation for SIEM
- University degree in IT, business informatics, or comparable education
- 3+ years professional experience supporting and maintaining SIEM systems (Splunk ideally)
- Knowledge of cloud-native SIEM solutions, such as Google Chronicle or Microsoft Sentinel, appreciated
- Ability to define and onboard new data sources into SIEM/Splunk
- Good understanding of Common Information Model (CIM) and Common Event Format (CEF)
- Good understanding of Linux, Windows, z/OS and related logging formats
- Good understanding of network devices (Router, Switches, Firewall, WAF, Load balancer, etc.) and related logging formats
- Good knowledge of systems & applications security concepts
- Development skills (RegEX, Python, bash, PowerShell)
- Experience with public cloud platforms, e.g. Google Cloud Platform (preferred) and Microsoft Azure
- Ability to work under pressure in a fast-paced environment
- Strong attention to detail with an analytical mind and outstanding problem-solving skills
- Ability to firmly present complex topics in an understandable manner
- Proficiency in written and spoken English, same in German is a plus
- Additionally, you need to be a team player with good communication skills, highly motivated and flexible
Why Deutsche Börse Group?
We are committed to providing a work environment where everyone feels welcome and can reach their full potential. Our standards go far beyond simply matching candidates with the right position.
We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.
Collaboration, communication, or deep focus – in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.
Health and wellbeing
We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.
We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.
Collaborate and exchange on-site or work remotely several days a week in line with business needs and local regulations. Our hybrid working model combines the best of both worlds.
Flexible working hours
We want your job to fit your life situation and offer flexible working time models, part-time models, childcare allowance, or the possibility to study alongside your job.
Our market infrastructures are globally connected. Working with us means collaborating with like-minded colleagues across over 60 locations from more than 100 nations.
We promote individual development by offering internal development programmes, mentoring, further education and training budgets.