Information Security Analyst (f/m/x)

Position Overview

DB Global Technology is Deutsche Banks technology center in Central and Eastern Europe. Since its set-up in 2013, Bucharest Technology Centre (BEX) has constantly proven its capacity to deliver global technology products and services, playing a dynamic role in the Banks technology transformation.

We have a robust, hands-on engineering culture dedicated to continuous learning, knowledge-sharing, technical skill development and networking. We are an essential part of the Banks technology platform and develop applications for many important business areas.

Integrated in Deutsche Banks Chief Security Office (CSO), the Information Security Threat Operations team is responsible for mitigating these risks. The Information Security Threat Operations team enables the business of Deutsche Bank by providing agile security operational capabilities.

You will be responsible for the full range of tasks associated with the detection of cyber threats in a fast-paced environment for Deutsche Banks cloud workloads, especially on the Google Cloud Platform stack, using cloud based SIEM/SOAR solutions. Our Cloud Operations team is focused on helping develop Deutsche Banks new cloud architecture, platforms/systems, organizational and operational processes to allow for the detection of cyber threats. Once established the focus will shift stronger into the development to detect new threats and perform threat hunting while incorporating change in an evergreen cloud environment.

This will involve maintaining a close dialogue with various units and stakeholders for the purpose of detecting and assessing potential risks to critical business infrastructure and services.

Responsibilities

You will be expected to be able to identify areas for improvement and take accountability to drive security topics forward within and outside the team

In this role, you will also contribute to the development of Security Information and Event Management (SIEM) content, focusing on the Google Cloud Platform stack (Google SecOps, Security Command Center, etc.) including detection use cases, automation playbooks, reports, network and asset model management, dashboards, rules/logic, documentation, and process establishment

Collaborate with other security specialists and experts to support the architecture, design and implementation of services and processes to support our mission of detecting cyber threats

Work in close cooperation with Cyber Intelligence, Incident Response, and the Security Operations Centre for the purpose of extending and strengthening the divisions capabilities relating to threat analytics for cloud service

This will include managing and overseeing a range of sophisticated tools and services aimed at detecting cyber threats/incidents and responding to them in a determined manner

Skills

• Minimum 1 years hands-on experience with GCP or alternatively MS Azure / AWS with focus on security services from one of the beforementioned cloud providers.
• Having at least 6 months experience in developing, modifying, enhancing, and fine-tuning detection and alerting/threat hunting use-cases in any type of SIEM solution (Splunk, LogRhythm, QRadar, Sentinel, SecOps) and understanding of industry wide known detection query languages: KQL, Sigma, YARA, YARA-l, SPL, etc.
• Familiarity with Cyber Security Incident Response or computer forensic processes, or a strong interest and capability to learn the fundamentals of security operations within a short time.
• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development /Application Security, data protection, cryptography, key management, identity and access management, network security) within SaaS, IaaS, PaaS, and other cloud environments

• Have at least 2 years work experience in the fields of either: Encryption; IAM (Identity & Access Management), Security Monitoring & Incident Response, Network Security, Pen Testing, Security Operation, Application Security

Well-being & Benefits

Emotionally and mentally balanced: We support you in dealing with life crises, maintaining stability through illness, and maintaining good mental health.

• Empowering managers who value your ideas and decisions. Show your positive attitude, determination, and open-mindedness.

• A professional, passionate, and fun workplace.

• A modern office with fun and relaxing areas to boost creativity.

• Continuous learning culture with coaching and support from team experts.

• A culture where you can openly speak about mental health.

Physically thriving: We support you in managing your physical health by taking appropriate preventive measures and providing a workplace that helps you thrive. For example, Private healthcare and life insurance with premium benefits for you and discounts for your loved ones, healthier ways of working and check-ups.

Socially connected: We strongly believe in collaboration, inclusion and feeling connected to open up new perspectives and strengthen our self-confidence and well-being.

• 24 days holiday, loyalty days, and bank holidays (including weekdays for weekend bank holidays).

• Hybrid working model with 40% remote work.

• Options for flexible working hours.

• Enjoy retailer discounts, cultural and CSR activities, workshops, and more.

Financially secure: We support you in meeting personal financial goals during your active career and for the future.

• Competitive income, performance-based promotions, and a sense of purpose.

• Meal vouchers, bonuses for referrals

Interested in more: discover what our employees value in the Well-being & Benefits hub!

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.
We welcome applications from all people and promote a positive, fair and inclusive work environment.