Tracing its origins to 1585, Deutsche Börse Group has become one of the world’s leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets. By creating trust in the markets of today and tomorrow we foster growth and contribute to the prosperity of future generations. What’s your part in all this? With your commitment you contribute to the success of our unique business model: offering a wide range of products, services and technologies, covering the entire value chain of global financial markets.
IT Security Engineer / Cyber Analyst (f/m/d)
Deutsche Börse Services s.r.o. • Prague
Who we are
Your career at Deutsche Börse Group
Field of activity
In your new position, you will become a member of the Cyber Defence team, part of Group Security in Prague. Cyber Defence team is responsible for all aspects of Security Information and Event Management (SIEM), Computer Emergency Response (CERT), and Security Operations Center (SOC). In order to fully protect the information assets of DBG, Cyber Defence is aiming to achieve a proactive detection of threats and improve monitoring of DBG information assets to protect them from cyber-attacks effectively, dealing with implementation and maintenance a state-of-the-art SIEM/SOC tooling, architecture and use cases content in order to support establishing Cyber Defence as a centre of excellence for threat intelligence.
In the advertised position, you will be focused on the SIEM/SOC related activities with focus on the IS domains Security Incident Management, Alert & Log monitoring, Cyberthreat & Vulnerability management.
Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices. Your strong interpersonal skills with the ability to communicate clearly and effectively with business and technology stakeholders at all levels will be the driving force behind your work.
- Develop and maintain a state-of-the-art knowledge base of Cyber Defence threat scenarios and methodologies to achieve full visibility of potential threats to DBG arising from social media and internet
- Design, develop and maintain SIEM related use cases across a complex technology stack of DBG, required to timely detect and mitigate attacks and malicious activities
- Ensure all relevant SIEM/SOC policies, procedures are defined, implemented, and maintained to meet regulatory and compliance requirements
- Support the Cyber Defence team to implement dashboards and reports to ensure the SIEM is operating effectively
- Support the SIEM/SOC teams and incidence response teams to investigate alerts raised in Splunk
- Control outsourced activities (e.g., SOC) and ensure their performance according to contractual obligations
- Optimize technology stack used in Cyber Defence and enable Cyber Defence to proactively detect threats through usage of threat intelligence and threat hunting techniques
- Ensure the quality of operational processes based on KPIs and initiate improvements where appropriate
- Support automation of SIEM/SOC workflows using Splunk technology to improve information security incident handling capabilities
- Work with subject matter experts across the Group to transform the maturity of the SIEM/SOC to an industry-leading organization
- University or comparable degree in Computer Science, Information Security, Engineering or related discipline
- 3+ years of experience in a CERT/SOC Splunk environment, implementing use-cases and SOC runbooks
- In-depth knowledge of relevant legal and regulatory frameworks in the financial industry (e.g., MaRisk, BAIT, German BSI IT-Grundschutz, CSSF circulars) and industry standards (e.g., ISO/IEC 2700x, NIST, COBIT)
- Ability to translate regulatory requirements into operational plans and actions
- Solid knowledge and understanding of Cyber Security technologies, processes, and methodologies (e.g., SIEM, SOAR, IDS/IPS, threat analysis, incident response, forensics analysis, Kill Chain, MITRE ATT&CK)
- Strong technical background and practical knowledge in relevant IT Security solutions
- Excellent analytical skills, creativity, critical thinking, ability to identify problems and propose solutions
- Excellent presentation and interpersonal skills
- Ability to work under high pressure
- Proficiency in written and spoken English, French and/or German is an asset
Why Deutsche Börse Group?
We are committed to providing a work environment which makes our employees both feel at ease and reach their full potential. Our standards go far beyond simply matching candidates with the right position.
Careers with a future
Whether you are an apprentice, a trainee, a young or experienced professional – with us your career is off to a good start that holds many different paths to develop and reach the next level. Your professional future is in your hands – as a manager, expert or project manager. You can count on our support as well as further education and training measures.
Diversity & Inclusion
We embrace diversity. As the cornerstone of our success, your contribution counts – irrespective of gender, nationality, ethnic or social background, religion or worldview, disability, age, sexual preference and identity.
Exciting, cutting-edge projects
“Boredom” is a concept unknown to us. With us you are part of a company that is shaping the future and where you can make a difference and actively participate – by supporting companies and start-ups going public, developing trading technologies or designing the cloud infrastructure for a highly regulated environment.
We at Deutsche Börse create trust in the markets of today and tomorrow. Our collaborative efforts are defined by integrity, responsibility and transparency as well as by mutual respect and appreciation, both within our organisation and externally.
Our market infrastructures are connected globally: whether in Singapore, London, Chicago, Luxembourg or Dubai – working with us means collaborating with colleagues and teams across 40 locations from more than 100 nations
Security and growth
Our company is experiencing healthy growth, not least due to our diversified business model. As a globally active exchange organiser, we provide market participants with consistently safe infrastructures that stimulate growth along the entire value chain. For you this means: a secure and promising workplace!
Our employees work in great teams and therefore enjoy working with us. This is reflected in our annual employee surveys. No matter how great the challenges posed by the markets might be – we support each other, work together closely to successfully complete projects and face change with a positive, collaborative approach.
We offer a work environment, in which professional and private life can interact individually. Flexible working time models, allowance for childcare, working remotely, studying alongside your job or part-time models – we give you the opportunity to adapt your job to your life situation.