Job Family: Cybersecurity

　　Req ID: 403109

　　Siemens Cybersecurity Defense is a team of dedicated security professionals with the mission to secure Siemens’s IT, OT and products worldwide. Siemens Cybersecurity Defense includes the Threat Intelligence team, which monitors the current Cyber Threat Landscape for Siemens. Based on that know-how and the latest technological trends, Cyber Threat Intelligence provides useful and actionable information in a timely manner to stakeholders such as Siemens CERT and Siemens Cyber Defence Center to support in the tactical, operational and strategical decision making.

　　As Cyber Threat Intelligence Specialist (f/m/d) you will:

　　Collect, organize, analyze, and refine information about known and emerging cyber security threats, including novel tactics, techniques, and procedures (TTPs) used by attackers to potentially target Siemens’ business or customers.

　　Leverage internal and external resources to enrich relevant information to deliver contextualized intel to acting teams in a timely manner.

　　Collaborate with Incident Response team, translating raw sensor data, reports, and other intelligence feeds into actionable intelligence to drive proactive measures and appropriately prioritize response activities.

　　Contribute to every step of the IoC lifecycle within the Siemens Threat Intelligence Platform (e.g. organizing input sources and feeds, manually crafting new indicators, tuning the strategies in place to label and organize relevant intel, etc.)

　　Help improve Siemens Threat Intelligence internal playbooks and toolset by contributing with improvement ideas about processes automation, functionalities, and new features.

　　What do I need to qualify for this job?

　　At least 5 years of relevant work experience in at least one of the following areas: Cyber security operations, Incident Response, IT Forensics, Cyber Threat Intelligence.

　　Experience with common threat intelligence models, tools, sources, and feeds.

　　Experience of most common OSINT tools and techniques, including social network monitoring and dark web networks (TOR, I2P, etc.).

　　Experience conducting intelligence analysis, including social network analysis, targeting, technical analysis, attribution etc.

　　Experience with scripting languages (e.g., Python, Bash or PowerShell) and using REST API, as well as data processing, regular expressions, and console-based text processing tools (e.g., sed, awk, jq).

　　Experience with Django/FastAPI, Javascript, Vue, REST APIs, OpenAPI, is a plus.

　　Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.

　　Basic knowledge of relevant laws, regulations, policies, and ethics related to cybersecurity and privacy topics.

　　Ability to present and explain complex technical topics to executives, management and technical experts.

　　Fluent in spoken and written English, including security terminology.

　　Relevant Industry Certifications such as SANS/GIAC (for example, GCIA, GCIH, GCTI, GNFA, GCFA), CompTIA Security+ CISSP, are desirable.

　　What's in it for you?

　　Flexible work arrangements: Smartworking

　　Performance-driven culture with rewards for achieving objectives and entrepreneurial spirit

　　A workplace that values curiosity and guarantees continuous learning

　　Flexible Welfare programs for you and your family

　　Employee Shareholding plans

　　You will be part of an international team, please include your CV in English .

　　Do you want to know more about Cybersecurity at Siemens? www.siemens.com/cybersecurity

　　We recognize that building a diverse workforce is essential to the success of our business. Therefore, Siemens provides equal employment opportunities to all qualified individuals without regard to race, creed, color, religion, national origin, age, gender, marital status, sexual preference, or non-disqualifying physical or mental handicap or disability.