IT Cyber Analyst - Advisory
Business Unit: Product Lifecycle Management-PLM
Requisition Number: 228141
Primary Location: United States-Ohio-Milford
Assignment Category: Full-time regular
Experience Level: Mid level
Education Required Level: Bachelor's Degree
Travel Required: 5%
Siemens Digital Factory offers a comprehensive portfolio of seamlessly integrated hardware, software and technology-based services in order to support manufacturing companies worldwide. Siemens PLM Software, a Plano, Texas-based business unit of the Digital Factory Division, is a leading global provider of product lifecycle management (PLM) and manufacturing operations management (MOM) software, systems and services with over nine million licensed seats and more than 77,000 customers worldwide.
For more information, please visit:
Monitors, evaluates, and maintains systems and procedures to safeguard internal information systems and databases. Researches, recommends, and implements changes to enhance systems security. Operates under general supervision and has latitude for independent judgment. Demonstrates a high level of proficiency and may consult with more senior peers on projects of moderate complexity and scope. This role will analyze anomalous attack detection alerts for signs of cyber intrusions, then lead any subsequent incident response activities. Leads security investigations.
The Cyber Analyst – Advisory position reports to the Director, IT Security in the GS IT DF PL PMO GCS organization. This organization is dedicated to providing cyber security analysis and support to the Siemens PL organization.
- Experience with centralized log collection and analysis.
- Thorough understanding of syslog and Windows event IDs.
- Understanding of application logs such as Apache, Weblogic, IIS, WebSphere, etc. Ability to interpret logs in the context of security events/intrusions and make accurate conclusions.
- Manage investigations; understanding the methodologies for investigative triage; Case/investigation definition, etc.
- Conducting investigations and the preservation of the chain of evidence.
Required Knowledge/Skills, Education, and Experience
- Computer Science, Mathematics degree or equivalent experience
- 6+ years of technical experience
- 3+ years of industry experience
- 6+ years of work experience
- Proficient with Splunk, InTrust, or similar SIEM tool.
- Familiarity with common network device security logging such as Cisco IOS, Windows, Linux, Unix, Checkpoint Firewalls, and Juniper or Pulse Secure VPN.
- Thorough understanding of computer security incident response methodologies.
- Ability to lead a security investigation in all phases of data gathering, analysis and correlation.
- Minimal travel required: 5%
Preferred Knowledge/Skills, Education, and Experience
- GIAC, CISSP, or similar certification is a plus.
- Preferred industry experience (5+ years)
- Splunk certification or 3+ years of experience programming in Splunk
Qualified Applicants must be legally authorized for employment in the United States. Qualified Applicants will not require employer sponsored work authorization now or in the future for employment in the United States.