Security Engineer

As a Security Use Case Developer, you will play a key role in our Cyber Defense Center by creating and managing SIEM use cases to improve threat detection. You’ll identify and mitigate security threats, automate detection processes, and apply frameworks like MITRE ATT&CK to strengthen our security posture.

Discover Raiffeisen Tech ✨

Raiffeisen Tech Romania, a subsidiary of Raiffeisen Tech GmbH in Vienna, brings together experienced tech talents to enable Raiffeisen Bank International (RBI) Group to offer innovative technology solutions. The company fosters a collaborative environment for building international projects using advanced technologies, embracing a flexible approach and valuing curiosity and courage to innovate.

Your mission

• Collaborate with the security team to design, create, and fine-tune custom security use cases within our SIEM platform to detect potential security incidents and vulnerabilities effectively.
• Leverage your knowledge of MITRE ATT&CK to align threat detection strategies and response techniques with industry best practices, enhancing our ability to detect and thwart advanced threats.
• Stay abreast of the evolving cybersecurity landscape, incorporating the latest threat intelligence into SIEM use cases and MITRE ATT&CK matrices to bolster our detection and response capabilities.
• Analyze security logs and data from various sources, identifying anomalies and patterns that could signify security breaches or weaknesses.
• Collaborate with IT and operations teams to identify detection rules scenarios and exploits indicators.
• Ensure that security policies and procedures are consistently adhered to across the organization, making recommendations for enhancements as necessary.
• Maintain comprehensive documentation related to SIEM use cases, incident response protocols, and security best practices, with an emphasis on MITRE ATT&CK techniques and mappings.
• Work closely with cross-functional teams to foster a culture of security awareness and contribute to our overall security strategy.

Required superpowers

• A bachelor's degree in computer science, information technology, cybersecurity, or a related field is preferred.
• A minimum of 3-4 years of hands-on experience in a security analyst role, with a focus on SIEM use case development, security incident response, and knowledge of the MITRE ATT&CK framework. Strong knowledge about Operating Systems, Databases, Networking. Experience in red teaming/pentesting, would be consider an advantage.
• Demonstrated proficiency in working with SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight) and creating custom detection rules, alerts, dashboards
• A strong foundation in cybersecurity principles, including an understanding of common threats, vulnerabilities, and attack vectors.
• Knowledge of the MITRE ATT&CK framework, including its tactics, techniques, and procedures (TTPs), and the ability to apply this knowledge to enhance our threat detection and response strategies.
• Excellent analytical and problem-solving abilities to identify and respond effectively to security incidents.
• Strong verbal and written communication skills for documenting findings, creating reports, and collaborating with team members and stakeholders.
• A keen eye for detail to identify subtle signs of security threats and vulnerabilities.