About Deutsche Börse Group:
Headquartered in Frankfurt, Germany, Deutsche Börse Group is a leading international exchange organization and market infrastructure provider. They empower investors, financial institutions, and companies by facilitating access to global capital markets.

Their India centre, located in Hyderabad, serves as a key strategic hub and comprises India’s top-tier tech talent. They focus on crafting advanced IT solutions that elevate market infrastructure and services. Deutsche Börse Group in India is composed of a team of capital market engineers forming the backbone of financial markets worldwide.

Your area of work:
DBG CERT is looking for a highly motivated Security Engineer whose responsibility will be to perform analysis of SIEM alerts escalated by SOC L1 analysts and (if required) escalate them to the CERT Incident Manager in a timely fashion and in accordance with DBG quality standards and pre-defined runbooks, as well as with regulators' requirements and contractual agreements (e.g. SLA response/resolution time) with our internal customers.

Your responsibilities:
- Perform analysis and investigation of security alerts triggered by the DBG SIEM solution and escalated by SOC L1 analysts, in accordance with the steps defined in Use Case-based documented runbooks
- Properly document investigations and investigation outcomes in the corresponding ticketing tool, also maintaining detailed records of stakeholder communication
- If required and in accordance with the investigation steps detailed in runbooks, escalate the alerts to the CERT Incident Manager in line with pre-defined alert priority and corresponding SLAs
- Available during the working hours (Mo-Fr) + on-call duty
- Ensure adherence with DBG line of conduct, quality standards and corporate values

Your profile:
- University degree in Computer Science or similar
- Solid experience in a CERT or SOC team (>3 years) with SIEM alert handling and cyber threat investigations, and understanding of cyber threats
- Solid knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic
- Deliverable-oriented, with strong problem-solving skills and adaptation to a complex and highly regulated environment
- Team player, willing to cooperate with multiple colleagues across office locations in a cross-cultural environment
- Good report-writing skills to present the findings of investigations
- Fluent in spoken and written English, including security terminology
- 8+ years of professional experience in the cyber security field

Job Title
Associate Vice President - Senior Lead Incident Response Engineer [T500-21518]