Information Security Senior Specialist (f/m/x) - Threat Detection & Response

Information Security Incident Manager

The Information Security Incident Manager works within the EMEA Security Operations Center (dbSOC), which is set up within a 24x7x365 Follow-The-Sun model. In this role you are responsible for projects, process adjustments, tooling evaluations, knowledge transfer and setup/hosting of crisis simulations/table top exercises. The evaluation and management of information security incidents is part of the scope. Additionally, you will act as a specialist for information security incident response processes to protect the bank, its partners, and clients of any potential loss.

Main responsibilities

• Definition, review, and continuous improvement of Threat Detection and Response processes
• Support for the entire SOC team with security expertise and process know-how, including the development of new methods to increase effectiveness
• Coaching the team to enhance Incident Response capabilities, ideally with a focus on cloud environments (GCP, M365)
• Leading small projects within Information Security Threat Operations (ISTO) and representing ISTO interests in projects and programs within the Chief Security Office (CSO) domain
• Coordinating Information Security Incidents as Lead Incident Manager, including serving as Manager on Duty during select weekends/holidays
• Developing crisis exercise scenarios, setting up and conducting exercises with various internal and external stakeholders
• Primary contact for the advancement of our tool/platform environment (ticketing tool, SIEM, SOAR)

Skills and experiences

• Completed degree in Computer Science or a comparable field of study, or equivalent training with relevant qualifications
• Strong technical security knowledge (understanding of risks, vulnerabilities, security policies, threat landscape, and attack tactics) as well as process automation expertise
• Experience in Incident Response & Threat Hunting, both in on-premise and cloud environments
• Knowledge of building and securing cloud environments, primarily GCP and M365
• Ability to collaborate with various teams and clearly communicate results as well as strong communication, analytical, and documentation skills
• Solid understanding of enterprise technologies, especially security devices, network engineering, operating systems, databases, and applications, including their security configurations
• Ideally, widely recognized Information/Cyber Security certifications (e.g., SANS, ISC²)
• Language skills: Excellent English proficiency (spoken and written), ideally also German

What we offer

• Emotionally and mentally balanced A positive mind helps us master the challenges of everyday life – both professionally and privately. We offer consultation in difficult life situations as well as mental health awareness trainings.
• Physically thriving We support you in staying physically fit through an offering to maintain personal health and a professional environment. You can benefit from health check-ups; vaccination drives as well as advice on healthy living and nutrition.
• Socially connected Networking opens up new perspectives, helps us thrive professionally and personally as well as strengthens our self-confidence and well-being. You can benefit from PME family service, FitnessCenter Job, flexible working (e.g parttime, hybrid working, job tandem) as well as an extensive culture of diversity, equity and inclusion.
• Financially secure We provide you with financial security not only during your active career but also for the future. You can benefit from offerings such as pension plans, banking services, company bicycle or "Deutschlandticket".

Since our offerings slightly vary across locations, please contact your recruiter with specific questions. This job is available in full and parttime.