Information Security Engineer - SOC Service Coordinator (f/m/d)

Deutsche Börse Prague Branch • Prague

Build the future of financial markets. Build yours.​

Ready to make a real impact in the financial industry? At Deutsche Börse Group, we'll empower you to grow your career in a supportive and inclusive environment. With our unique business model, driven by 15,000 colleagues around the globe, we actively shape the future of financial markets. Join our One Global Team!

Want to learn more?
Who we are

Who we are

Deutsche Börse Group is one of the world’s leading exchange organisations and an innovative market infrastructure provider. With our products and services, we ensure that capital markets are fair, transparent, reliable, and stable. Together, we develop state-of-the-art IT solutions and offer our IT systems all over the world. Play a key role in our mission: to create trust in the markets of today and tomorrow.

Prague

Your career at Deutsche Börse Group

Your area of work:

 

DBG CERT is looking for a highly motivated Security Engineer whose responsibility will be to ensure that the initial triage and analysis of cyber threats, reported by our SIEM solution to SOC L1 and L2 analysts, is performed in a timely fashion and in accordance with DBG quality standards as well as with regulators requirements and contractual agreements (e.g. SLA response/resolution time) with our internal customers. At this position you will be also responsible to identify and propose improvements on SOC/CERT runbooks as well as tuning of SIEM use cases to reduce the risks of false positives, false negatives and hence improve incident management escalation and handling.

 

 

Your responsibilities:

 

  • Identify and propose adjustments/improvements on SOC runbooks based for example on false positives, tuning of SIEM use cases and audit findings
  • Engagement with internal IT functions might be required to fill the identified gaps (e.g. lack of details in asset inventory) in the alert handling process
  • Identify and propose adjustments/improvements on SIEM UCs based for example on false positives reported by SOC and audit findings
  • Quality check and end-to-end testing of SOC runbooks
  • Preparation for audits (evidence/requests handling) and attendance
  • Attendance to regular calls with SOC Service Manager
  • Participate in Blue/Red teams exercise to test and improve our monitoring and response capabilities

 

 

Your profile:

 

  • Solid experience in a CERT or SOC team with SIEM alerts handling, workflow design and runbook preparation
  • Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic
  • Expert working knowledge of technical and organizational aspects of information security, e.g., through prior defensive or offensive work experience
  • Solid understanding of cyber threats and MITRE ATT&CK framework
  • Deliverable-oriented, with strong problem-solving skills and adaptation on complex and highly regulated environment
  • Team player willing to cooperate with multiple colleagues across office locations in a cross-cultural environment
  • Good report-writing skills to present the findings of investigations
  • Available during the working hours (Mo-Fr) + on-call duty
  • Fluent in spoken and written English, including security terminology; proficiency in German is a plus

 

 

Strong assets:

 

  • Willingness & ability to take the lead on complex Cyber Security investigations supporting CERT lead
  • Development of automation of various CERT/SOC processes via SOAR solution
  • Red Teaming/Purple Teaming exercises
  • Background in Malware Analysis, Digital Forensics and/or Cyber Threat Intelligence
  • Experience in Threat Hunting including the ability to leverage intelligence data to proactively identify and iteratively investigates suspicious behaviour across networks and systems
  • Script Development (e.g. Python, Shell scripting)
  • Cloud Security expertise (primarily GCP and Azure)
  • Vulnerability Handling / Management
  • Relevant Industry Certifications such as SANS/GIAC (e.g., GCIA, GCIH, GNFA, GCFA), CompTIA (Security+, Cloud+, PenTest+), OSCP, eLearnSecurity are desirable

Why Deutsche Börse Group?

We are committed to providing a work environment where everyone feels welcome and can reach their full potential. Our standards go far beyond simply matching candidates with the right position.

Mobility

We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.

Work environment

Collaboration, communication, or deep focus – in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.

Health and wellbeing

We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.

Financial stability

We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.

Hybrid work

Collaborate and exchange on-site or work remotely several days a week in line with business needs and local regulations. Our hybrid working model combines the best of both worlds.

Flexible working hours

We want your job to fit your life situation and offer flexible working time models, childcare allowance, or the possibility to study alongside your job.

Internationality

Our market infrastructures are globally connected. Working with us means collaborating with like-minded colleagues across over 60 locations from more than 100 nations.

Development

We promote individual development by offering internal development programmes, mentoring, further education and training budgets.

Our story

Our Story - Deutsche Börse Group in 120 Seconds
Our Story - Deutsche Börse Group in 120 Seconds
Contact
Recruiting Team

Recruiting Team

Take your career to the next level with us and embrace new challenges!
 

+496921111810

Our Recruiting Team is looking forward to your call or e-mail.

Similar jobs
We evaluate all jobs for you in order to suggest similar jobs that match the tasks and required skills.

Ready to start your career with us?

Apply now!