Security Incident Manager

Job Overview

Deutsche Bank (DB) Chief Security Office (CSO) is looking for a senior Information Security professional to support the Bank’s Security Threat Detection & Response (TDR) capabilities.

The TDR Security Incident Manager is responsible for timely acting on security events and incidents, taking decisions to ensure the corresponding course of action for rapid containment and mitigation.

Additionally, he/she acts as a specialist for information security incident response processes to protect the Bank, its partners, and clients of any potential loss. Besides operations tasks, he/she will be supporting to evaluate and adjust processes, tools, and reporting.

Main Responsibilities:

• Pre-evaluation of information security alerts raised.
• Support the assessment of financial, reputational, client, market or regulatory impact associated with an information security incident.
• Leadership and management of information security incidents with TDR and involved SMEs.
• Decision taking on the information security incident’s severity, category, and course of action.
• Containment of an information security incident
• Providing accurate information security incident communication to the relevant stakeholders.
• Ensuring proper information security incident documentation and hand over to additional Information Security Incident Manager or SOC shifts as needed.

Skills and Capabilities Required

• Good understanding of enterprise technologies especially focusing on security devices, network engineering, operating systems, databases and security configurations on application level.
• Familiar with the MITTRE ATT&CK framework, good knowledge of current threat landscape and attack scenarios/tactics, as well as containment and protection measures .
• Background on incident management, preferrable in the cyber-security field.
• Reasonable understanding on system logs analysis, network traffic logs, payload, event logs, application logs, firewall logs, Active Directory etc.
• Reasonable understanding of Security Incident and Event Management (SIEM) systems, ideally on Splunk Enterprise Security, or Chronicle GCP, or Sentinel.
• Fluent in English, very good communication skills and confident assuming timely decisions.
• Independent way of working with strong decision making and problem-solving ability.
• Appetite for continuous learning.
• Comfortable/experienced with working in international & multicultural teams.

Always a plus

• Previous experience working in a SOC.
• Admin or SecOps experience, particularly on Google Cloud and/or Azure environments.
• Experience on networks , firewalls and related tools.
• CISSP, CISM, GCIH or other relevant certifications in the field.
• German language skills.

About us/about Deutsche Bank:

Deutsche Bank is an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital status, sex (including pregnancy), age, religion, belief, race, nationality and ethnic or national origin, colour, sexual orientation or disability.

Before applying, please read our data protection policy: https://dbprivacy.ro/candidati.html?lang=ro