Siemens Cybersecurity Defense is a global organization within Siemens consisting of regionally aligned teams across Germany, Portugal, Spain, Switzerland, United States, Mexico, and China. The mission of the organization is to proactively identify anomalies, respond and remediate Cybersecurity issues related to Operational Technology (OT), and products of Siemens. The Cyber Defense Center offers security monitoring and threat detection services. The main objective of the CDC is to attempt to keep Siemens protected by preventing the materialization of threats and minimizing any adverse reputational and financial impact. The CDC portfolio enables identification and initial response to a range of threat actors, from commodities to nation state-backed actors. As the frontline resource for monitoring, detecting, alerting, hunting, and responding to threat actors – the CDC provides deep expertise in defending against a wide range of threat actor tactics, techniques, and procedures. What are my responsibilities? Operate distributed Linux-based application servers in a high-security environment. This includes general system administration tasks, patching, hardening, monitoring, automation etc. Operate a cloud environment. This includes automation, monitoring, improvement. Maintain a next-generation log collection and Big Data Analytics framework Build / integrate automation tools to deploy and monitor cyber defense use cases. Operate and implement new functionalities through REST APIs Operate and develop Threat Intelligence feeds Support troubleshooting activities What do I need to qualify for this job? BS/BA in related discipline, or advanced degree, or equivalent combination of education and experience. Typically, 1-2 years of work experience and experience in a related field is preferred, but not required. Successful demonstration or potential to perform key responsibilities as presented above. Advanced degree may be substituted for experience, where applicable. UNIX/LINUX system administration, configuration, troubleshooting, scripting Relevant certifications may be of advantage: e.g., RedHat, Linux Academy Background in information security is of advantage Demonstrated ability to learn in a fast-paced environment German and English written and verbal communication skills are a must Other languages are a plus May have knowledge or experience in some of the following areas: Experience with infrastructure management & automation tools such as Ansible, Chef, Puppet Scripting skills – Required: Bash, Python. Optional: Perl, Powershell PostgreSQL, MySQL, ELK, Syslog-NG, JIRA/Confluence, Vmware, Kafka, Flink, Git, virtualization and container technologies Essential networking concepts (OSI, switching/routing, IP/TCP/UDP/ICMP), technologies (Firewalls, proxies, VPN, DNS, IDS) and tools (WireShark, tcpdump) Central log collection, indexes, searching and analysis Interpret event logs in the context of security events/intrusions and make accurate conclusions CI/CD Make your mark in our exciting world at Siemens. www.siemens.com/careers - if you would like to find out more about jobs & careers at Siemens. FAQ - if you need further information on the application process. As an equal-opportunity employer we are happy to consider applications from individuals with disabilities. Organization: Cybersecurity Company: Siemens AG Experience Level: Mid-level Professional Full / Part time: Full-time