Cyber Security (Threat Detection)

Job Description

Organization: Corporate Technology
Business Unit: Cybersecurity
Requisition Number: 246853
Primary Location: United States-Ohio-Milford
Assignment Category: Full-time regular
Experience Level: Entry level
Education Required Level: Associate's Degree / College Diploma
Travel Required: 5%

Division Description:

Siemens is a global technology powerhouse that has stood for engineering excellence, innovation, quality, reliability and internationality for more than 165 years. As a global technology company, Siemens is rigorously leveraging the advantages that this setup provides. To tap business opportunities in both new and established markets, the Company is organized in seven Divisions: Power and Gas, Power Generation Services, Energy Management, Building Technologies, Digital Factory, Process Industries and Drives, and Financial Services.
Our support functions are split into two organizations, Corporate Core and Corporate Services. These organizations provide essential services to better enable responsible and profitable growth.
For more information, please visit:

Job Description:

Position Overview:
The Cyber Security Analyst will be part of the Cyber Defense Center for the Americas (CDC), which is tasked with the primary mission to detect, analyze, investigate, and defend against sophisticated digital attacks.
In this position, you will report to the Head of the Cyber Defense Center for the Americas and be part of the Threat Detection and Analysis team. You will work alongside peers, actively contribute to alert triage and investigations, and provide input on different approaches to threat detection and response.
You will be expected to contribute to the following activities:
• Correlate actionable security events from various log sources which either feed or supplement the Security Information and Event Management (SIEM) solution
• Review threat data from various sources, and develop custom signatures for open source Intrusion Detection Systems (IDS) or other custom detection capabilities
• Perform network traffic analysis
• Employ advanced forensic tools
• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
• May conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols
• Interface with remote team members located across the globe
Required Knowledge/Skills, Education, and Experience:
• Associate degree in a Computer Science/Engineering or Information Technology related field required; equivalent experience will be considered.
• 2+ years of successful work experience in IT technologies including networking, operating systems, or a related field
• Knowledge of networking protocols (such as TCP, UDP, DNS, FTP, SMTP, DHCP, etc.)
• Knowledge of Windows operating system functionality (file system structure, registry keys, scheduled tasks, processes, services, memory management, data storage, etc.)
• Capable of learning new concepts and processes quickly, and adapting to a constantly changing environment
• Ability to apply advanced skill set to resolve complex problems
• Excellent analytical and critical thinking skills
• Excellent interpersonal and communication skills (verbal & written)
• Team player
• Required Travel:  <10% (domestic and international)
Preferred Knowledge/Skills, Education, and Experience:
The following knowledge/skills, education, and experiences are preferred but NOT required to be considered for this position:
• Preference will be given to those with experience in analyzing and/or reversing malware
• Experience managing an investigation; understanding the methodologies for investigative triage, case/investigation definition, etc.
• Application of common Cyber Security concepts including Intrusion Detection Systems, Host Intrusion Prevention Systems, and Anti-Virus Solutions
• Understanding of the Windows File System structure, and ability to recover deleted files, search hidden files, and access registry keys
• Knowledge of Operational Security (OpSec) principles for cyber operations with an emerging understanding of the relationships between the cyber domain disciplines
• Ability and experience capturing and analyzing volatile (in-memory) data
• Experience with network signature development with tools such as Snort, NetFlow, Wireshark, tcpdump or related tools
• Experience with central log collection, indexes, searching and analysis
• Ability to interpret logs in the context of security events/intrusions and make accurate conclusions

Qualified Applicants must be legally authorized for employment in the United States. Qualified Applicants will not require employer sponsored work authorization now or in the future for employment in the United States.


Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, protected veteran or military status, and other categories protected by federal, state or local law.

EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.

Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.
