Banca Transilvania
Security Information & Event Management Solutions Engineer
Banca Transilvania, Romania, 11 days ago
Full-time, Information Technology

Department: Cybersecurity & Risk Management


Company Description

Banca Transilvania is the leading banking institution in Romania that supports and values entrepreneurial individuals. We believe that banking is not just about money, loans, and deposits, but about people and trust. Over the past 30 years, we have grown to become the largest bank in Romania, serving over 3 million customers with more than 10,000 employees. Our mission is to build trust and deliver innovative financial solutions that empower businesses and individuals.


Role Overview

We are looking for a skilled SIEM Engineer to strengthen Banca Transilvania’s security operations. The role focuses on managing and optimizing SIEM platforms, ensuring effective monitoring, detection, and response to cybersecurity threats across our infrastructure. The ideal candidate will have strong expertise in network security, incident response, and advanced security technologies, including cloud environments and SaaS-based security solutions.


Key Responsibilities

  • SIEM Platform Management
    • Deploy, configure, and optimize SIEM solutions for comprehensive log collection and event correlation.
    • Develop and maintain correlation rules, dashboards, and alerts for advanced threat detection.
    • Onboard and normalize logs from diverse sources (firewalls, IDS/IPS, Windows DC, network appliances, AV/antimalware, email security).
  • Security Monitoring & Incident Response
    • Analyze and interpret security logs and events to identify anomalies and potential threats.
    • Provide input in incident response activities, including investigation, containment, and remediation.
    • Collaborate with CyberSecurity, SOC and other teams to improve detection capabilities and reduce false positives.
  • Integration & Automation
    • Implement automation workflows or provide input for SOAR and scripting (Python, PowerShell) to streamline platform management and incident handling.
    • Ensure seamless integration between SIEM and other security platforms, including cloud-native services.
  • Compliance & Reporting
    • Configure reports for regulatory compliance (ISO 27001, DORA, EBA) and internal audits.
    • Maintain documentation of SIEM configurations, processes, and incident workflows.
  • Knowledge Sharing
    • Coach and train colleagues on SIEM best practices and security monitoring techniques.
    • Conduct workshops and knowledge transfer sessions for internal teams.


Required Skills & Qualifications

• Strong knowledge of network security principles and technologies.

• Experience in security incident response and handling.

• Proficiency in using SIEM, EDR, and SOAR tools.

• Good understanding of log structures and meanings from multiple sources (FW, IDS, Windows DC, network appliances, AV, email security).

• Ability to analyze and interpret security logs and events effectively.

• Demonstrated ability and willingness to coach and train colleagues.

• Excellent problem-solving and troubleshooting skills.

• Strong communication and collaboration skills.

• Familiarity with security standards and frameworks (ISO 27001, NIST, CIS).

• Knowledge of malware analysis and forensic techniques is a plus.

• Experience with SaaS SIEM platforms, including:

  • Real-time detection and alerting
  • Rule correlation and tuning
  • Query language proficiency for threat hunting
  • Log parsing and normalization

• Cloud security knowledge (Azure, AWS, GCP).


Preferred Certifications

  • CISSP, CISM, CEH, or vendor-specific SIEM certifications.
  • Cloud security certifications (e.g., Microsoft SC-200, AWS Security Specialty) are a plus.


Why Join Us?

  • Contribute to a robust cybersecurity program in one of Romania’s leading financial institutions.
  • Work with advanced security technologies and collaborate with a highly skilled team.
