Content Engineer (m/f) in SOC
Permanent contract | Munich (Upper Bavaria) | IT development
Job description
JOB PURPOSE/ROLE
AMOS Information Security is the core team and central driver for Information Security at AMOS. The division is tasked to continue building and evolving a strong security organization and to establish certain functions that cover information security in a holistic way, by addressing preventive as well as detective actions, using technology and improving processes. Specifically, we are continually improving the maturity, reach and scope of the Allianz Cyber Defense Center (ACDC) in order to support the global rollout of major security initiatives like Advanced Malware Detection, the IT-eGRC Services and similarly in the Identity and Access Management area.
The Content Engineer is responsible for the development and maintenance of use-cases, dashboards and reports in the SIEM system, constantly developing new detective controls based on reports and given input on attack trends. Further responsibilities are monitoring and analyzing information security events, and initiating information security incidents accordingly. This role is an integral part of the ACDC and its detection capabilities.
KEY RESPONSIBILITIES
Design and development of detective controls / use-cases along the “kill-chain”, in close collaboration with the ACDC Security Analysts
Design and development of dashboards, reports and KPIs
Life-cycle management of use-cases, periodic reports etc.
Observing and analyzing the external threat landscape
Monitoring and analyzing security events in central tools (e.g. SIEM) as well as unconnected, local systems (e.g. IPS) on a regular / permanent basis
Controlling effectiveness of preventive and detective measures (e.g. IPS system)
Developing and reporting metrics for the overall information security situation
Further responsibilities
Close collaboration with security analysts, tool engineering, threat management, risk management, device/application owners
Documentation of all content created, including possible mitigation actions
Supporting and advising the Security Analysts team
Initiating information security incident tickets, triggering escalation process if required, and performing initial counter-measures
Supporting (and joining) the Information Security Incident Handlers with real-time information on current developments
KEY REQUIREMENTS/SKILLS/EXPERIENCE
University degree in computer sciences or natural sciences, or comparable education and knowledge
Profound know-how of network and infrastructure security
At least 2 years of experience in development of complex ArcSight use-cases
Proven experience with security monitoring tools and devices, such as IDS/IPS, AV scanners and security gateways
Fluent in German and English (additional European language appreciated)
Skills and Competencies
Strong analytical mind
Good international communication skills as well as self-organization, even under pressure and high workload
Desired requirements/skills/experience
SANS and ArcSight certification
ADDITIONAL INFORMATION
Documents required for a complete application: CV, Cover Letter for the job, Certificates.
Reference Code
AMOS-4345963-4
Allianz is the home for those who dare – a supportive place where you can take the initiative to grow and to actively strengthen our global leadership position. By truly caring about people – both its 85 million private and corporate customers and more than 142,000 employees – Allianz fosters a culture where its employees are empowered to collaborate, perform, embrace trends and challenge the industry. Our main ambition is to be our customers’ trusted partner, instilling them with the confidence to grow. If you dare, join us at Allianz Group.
At the core of the Group’s strength lies digitalization and its promise of growth opportunities through a ‘digital by default’ strategy. Allianz Managed Operations & Services (AMOS) is the principal driver behind transforming Allianz into a digital group – a quest to which nearly 7,500 AMOS employees around the globe have committed themselves. AMOS equips the Group with the most cutting edge digital solutions in the industry, bringing Allianz to the fingertips of its customers. At AMOS, innovation is more than a buzzword; it is the business of the day, every day.
We are interested in your strengths and experience. This means that we welcome all applications, irrespective of other characteristics such as gender, ethnic background, origin or any disability.