Description
Hi,We are looking for SOC Specialist / Incident Manager for the following project.
Project description:
The role of the SOC Specialist/ Incident Manager is part of the Global Cyber Security Operations Center (dbSOC) of Deutsche Bank.
The Global Cyber Security Operations Center operates 24x7x365 in a follow-the-sun mode and is responsible for enabling the business of Deutsche Bank
by providing agile, implementable, cost-effective and cutting edge Cyber Security Operational and Incident response services to protect DB’s data assets,
customers and partners.
Tasks:
• management of security incidents during all stages of the incident management process including an in-depth analysis
• evaluate escalated security alerts from the Senior SOC Analysts
• assess the security and business risk associated with a security incident
• coordinate containment, eradication, recovery, investigation and response measures and assure an appropriate tracking, documentation, closure and post incident reporting and review of incidents
• lead the communication during and after an incident (management reporting, communication with relevant stakeholders)
• provide guidance and training for the SOC Analysts and Senior SOC Analysts, develop and maintain incident response plans and contribute to the enhancement of the incident detection, analysis and response capabilities of Deutsche Bank.
Experience / requirements:
• 7-10 years of security experience in a technical role, mainly in the area of Intrusion Detection Systems, Platform and/or Network security
• Strong security background (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.)
• Excellent technical understanding of enterprise grade technologies including security devices, network engineering, operating systems, databases and applications and their security settings and configurations
• Ability to read and understand system and network traffic data including security event logs, system logs, application logs, etc.
• Demonstrate prior experience in scripting languages, software vulnerabilities, hacking techniques, exploits, malware, forensics and/or reverse engineering
• Comprehensive knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
• Broad knowledge and proven experience in incident handling and incident response methodologies
• Excellent knowledge of network security technology and various detection, analysis, troubleshooting and configuration control tools (e.g. SIEM, NIDS; DAM, Big Data Analytics, Log file and network traffic analysis, vulnerability scanner)
Projectstart : As soon as possible
Projectlenght : Long Term (contracts on quarterly basis)
Location : Eschborn (Frankfurt am Main)
Regards,
Kiran Kotla