Technical Team Lead SIEM-Platform (m/f/d)
Deutsche Bahn AG | Germany | 10xxx, 14xxx, 13xxx, 12xxx, 60xxx, 65xxx Berlin, Frankfurt am Main | Permanent position | Part time - flexible / Full time / Home office | Published since: 06.03.2026 on stepstone.de

Branch: Transport and logistics


When it comes to bringing millions of passengers and thousands of trains digitally into the future, the best IT experts are needed. We already have over 10,000, but that is not enough. For project managers, consultants, developers and IT architects, now is the most exciting time to join and to implement groundbreaking solutions and major projects in the areas of mobility, infrastructure and logistics in a strong team.

The security of information, applications and systems is a prerequisite for the digital future of Deutsche Bahn. Trust in the security of new digital technologies is indispensable. With enthusiasm and strategic vision, you will bring IT and OT security trends onto the rails. From securing the operation of the SIEM platform to working with other teams, you are involved from the start and can implement your own ideas. The journey to a secure digital future has only just begun. Come aboard: together we are sure to get things moving. We are looking for you, starting as soon as possible, as a Technical Team Lead SIEM platform (m/f/d) for the Security Operations Center of DB InfraGO AG at the Berlin or Frankfurt site.

Your tasks:

- You assume overall technical responsibility for the secure operation, availability and scalability of the SIEM platform and the related applications.
- To do this, you design and coordinate the implementation of functional and quality requirements for the SIEM platform within the "SIEM Admins" team.
- In this context, you systematically steer the individual technical tasks and their binding implementation within the "SIEM Admins" team.
- In your approach, you take into account the regulatory requirements, the IT/OT security strategy of DB InfraGO AG and the current threat situation.
- You represent the SIEM platform on technical and strategic matters to other SOC subteams as well as at the interfaces to SOC Architecture and Security Operations Management.
- Under your leadership, the dashboards for status control and system health as well as the implementation of patches, upgrades and system optimizations are monitored, developed and accounted for.
- Right in the middle instead of just on the sidelines: you actively work on the technical tasks yourself, and you create or validate detection rules for the analysis of the data.
- You actively contribute to the strategic planning and development of requirements for the operation of the SIEM platform as part of the economic and technical objectives for the technologies used.

Your profile:

- The basis of your success is a degree in computer science, IT security, IT forensics, network technology or several years of professional experience in the relevant environment.
- In addition, you have already coordinated administration teams on the technical level and taken on cross-functional, strategic roles in the operation and further development of a SIEM solution, ideally in a critical infrastructure company.
- You can draw on good experience with common IT security systems (Splunk, XSOAR, etc.) and have in-depth know-how in IT security methods and processes.
- In addition to very good knowledge of the administration of a SIEM system as well as network technology and protocols, log formats, parsing, scripting and automation solutions, you have sound knowledge of the configuration and evaluation of operating system and firewall logs.
- You bring a good understanding of threat models (MITRE ATT&CK, Cyber Kill Chain) and programming knowledge in at least one scripting language (Python, Bash, etc.).
- Thanks to your strong analytical skills, you quickly grasp complex, multidimensional issues, and you know how to communicate results, concerns and necessary measures in a way that suits your audience.
- You are well versed in the analysis of complex organizational relationships and responsibilities within a large corporate group and move confidently among the security roles of an information security organization.
- You bring the willingness to participate in on-call duty at varying intervals.

This is important to us:

Our aim is to offer all candidates the same opportunities to join us, given equal suitability. We actively promote diversity and cooperation in our teams. We appreciate any application, regardless of gender, nationality, ethnic and social origin, religion, world view, disability, age, duration of unemployment, sexual orientation and identity.

Benefits:

- Targeted, individual development opportunities at specialist, project or leadership level give you a long-term perspective.
- We promote flexible, individual working models and, where possible, support modern ways of working, e.g. mobile working.
- We offer you attractive, individual offers for professional orientation and further development, such as the DB Career Lab, group-wide succession planning and long-term development opportunities at specialist, project or leadership level.

Location

Deutsche Bahn AG
74564  Berlin, Frankfurt am Main
Germany

The text of this ad was translated from German into English using an automatic translation system and may contain semantic and lexical errors. Therefore, it should be used for introductory purposes only. For more detailed information, see the original text of the ad at the link below.

For more information read the original ad
