IT Security Incident Analyst
Careers for agile minds
Our technology teams are responsible for the Bank’s entire information technology (“IT”) infrastructure, and the development, implementation, and protection of the software required to support all of the Bank’s businesses. We move over EUR 1.6 trillion across the Bank's platforms, support thousands of trading desks, and enable millions of banking transactions, share trades and emails every day.
With award-winning mobile banking apps and trading systems, our technology platforms help Deutsche Bank deliver high quality products to clients. Naturally, we make sure that the phones work, emails are delivered and PCs run - but we also develop collaboration platforms and workspaces that help our people share their knowledge, expertise and passion for our business.
Developments in technology are changing the way we communicate, work and think. Join us here, and you’ll constantly be looking ahead. We’ll look to you to capitalize on new technological trends that can reshape our business and deliver value for our clients, whilst still meeting the demands of customers, regulators and the markets.
Deutsche Bank AG is looking for L1 level Security Analysts supporting Deutsche Bank’s Cyber Security Incident Response Team and Security Incident Management process. This candidate will provide continuous, high quality security incident response service by ensuring that suspicious and malicious IT activities are properly detected, contained and remediated. Specifically, this candidate will provide real time monitoring of ArcSight alerts, mailbox and global hotline. The candidate will be required to work across all functional areas of business, Global Technologies, and other cyber security disciplines. The candidate should bring a willingness to improve operational delivery capabilities, detection and response procedures, and documentation of security alerts, tickets and analysis.
Responsibilities include in particular:
- Work in a global matrix (virtual) team environment alongside other Security Teams / SMEs
- Escalate security events / alerts in a timely manner per Service Level Agreements
- Analyse, handle and document security alerts / incidents in a consistent, comprehensive, risk driven manner
- Track ticket progress with the ability to escalate horizontally or vertically - as necessary
- Quickly adapt new working procedures and risk driven measures ensuring seamless, consistent processes
- Trigger and support accuracy of security incident detection and monitoring
- Support the Security Incident Management process and desired mitigation outcome
- Share best practices and knowledge base articles with the global team
- Support projects to onboard systems and solutions into security event monitoring (Transitions)
- Prepare and check functional and operational reports
- Perform operational tasks and incident handling around security procedures
- Maintain certifications, training and skill sets at highest level
The chosen candidate will act as the Security Operations Analyst within the CISO organization. This challenging role is critical in order for Deutsche Bank to protect and defend the DB brand and reputation. This role requires someone with a passion for Cyber Security (in particular the ability to analyze alerts, patterns and signals). This role requires someone with a strong work ethic, flexibility, investigative nature, good perception and judgment.
The candidate will need to have sound, broad security and technical knowledge as well as excellent communication and coordination skills, working fluently in English.
Experience / Requirements:
- At least 3 years of Security Experience (within a technical role in a security domain in particular Network and Operating System Security / Security Incident Response)
- Expertise in SIEM operations and maintenance
- Good knowledge in NIDS systems
- Good understanding of and exposure to security tools such as firewalls, IDS/IPS, A/V, anti-spam, proxies
- Solid experience working with Internet and network technologies; specifically TCP/IP, UDP, SMTP, HTTP, HTTPS and FTP
- Fundamentals of Application Security - Strengths and Weaknesses
- ITIL Fundamentals
- Successful integration into global virtual teams
- Experience in Security Alert analysis, handling and documentation
- Experience in troubleshooting (technical analysis, documentation and remediation)
- Experience in Service Definition, Service Level Management, KPI tracking
- Experience in working in dynamic processes
- Excellent verbal and written English skills
- Ability to work proactively and independently in alignment with CISO strategies, goals and objectives
- Ability to handle incidents and multiple tasks with careful attention to detail
- Ability to set priorities and coordinate tasks with team members
- Foster growth – “one team one fight”
- Capability to provide sound results working in a high ops tempo environment alongside multiple teams across the globe / time zones
- Excellent communication, analytical and documentation skills at all levels
- Be risk / threat driven and able to view big picture concepts
- Effective problem solver focused on hard facts and standards
- Willingness and ability to share knowledge with team members
- Good team player
- Good time management
- Flexibility for on-call support and flexible working times under follow-the-sun model
- Ability to manage small projects and coordinate with global teams
- University degree in Computer Science or similar work experience
- One or more security certifications - SSCP, GSEC, GCIA, GCIH, SCNS, CEH
- One or more technical/product certifications such as SFCP, ACSA, MCSE, LPIC-3, CCSP, CCNP, GCIA, GCFW, CCNA
- ITIL Foundation certification
For candidates applying for positions in the US:
With operations in over 70 countries, we encourage our people to think for themselves and reward integrity. Our large but focused footprint gives us a strong position in Europe plus a significant presence in the Americas and Asia Pacific. We offer clients commercial and investment banking, retail banking and transaction banking as well as ground-breaking asset and wealth management products and services. We are structured around the four types of clients that we serve – institutions, corporates, fiduciaries, and private clients – and devolve greater responsibility, along with consequent accountability, to our four business divisions: Corporate & Investment Banking, Global Markets, Deutsche Asset Management, and Private, Wealth & Commercial Clients.
Investment Banking, Asset Management, Retail Banking, Private Wealth Management, Private Banking, Transaction Banking
Company Type: Public Company
Company Size: 10,001+