
Security Engineer (m/f/d) - SIEM & Log Management

GULP – experts united

Wiesbaden

On site

EUR 60.000 - 80.000

Full-time

30+ days ago


Summary

A well-known insurance company in Wiesbaden is seeking a Security Engineer to lead cyber defense initiatives. The ideal candidate must have experience with SIEM platforms and log management on Linux. This position offers an attractive salary, flexible working models, and opportunities for professional development. Proficiency in German and English is essential.

Benefits

Permanent contract
Attractive salary
Flexible working time models
Professional development support
Crisis-proof employer

Qualifications

  • At least 3 years of experience in the IT security environment with a relevant degree.
  • At least 5 years of experience with completed IT training.
  • Proficient in administering SIEM platforms and log management on Linux.

Tasks

  • Manage and optimize the central IT security infrastructure.
  • Focus on SIEM and data pipelining.
  • Coordinate with external SOC for optimal performance.
  • Implement regulatory requirements in SIEM.

Skills

SIEM platform administration
Log management
Vulnerability management
Networking knowledge
Data architecture
Regulatory compliance
Software development
Linux administration

Education

Degree in Computer Science or Business Informatics
IT training as IT Specialist

Tools

Cisco Splunk
Cribl
Linux (RHEL)
Tenable
HCL BigFix

Job description

On behalf of our client, a well-known company from the insurance industry based in Wiesbaden, we are looking for a Security Engineer (m/f/d) as the technical backbone for the cyber defense strategy.

Here's what our client offers
  • A permanent contract with a crisis-proof employer.
  • An attractive, collectively agreed salary with extensive social benefits (e.g. company pension scheme).
  • Flexible working time models and the option of mobile working.
  • A modern working environment and targeted support for your professional development.
  • A responsible position at the heart of the Cyber Defense strategy.
Your tasks

In this central role, you will be responsible for the SIEM platform (Cisco Splunk) and the data pipelines (Cribl) that process all security-relevant information.

Important: You are not part of the 24/7 monitoring team (this is handled by an external SOC). Your task is to provide this SOC with the best possible technical platform and database for the analysis and to manage the collaboration.

Your core tasks
  • Administration, further development and documentation of the central IT security infrastructure
  • Focus on Security Information & Event Management (SIEM) with Cisco Splunk
  • Responsibility for log management and data pipelining with Cribl
  • Operation, hardening and optimization (security, network, performance) of the underlying Linux servers (RHEL)
  • Control of vulnerability & patch management (Tenable / HCL BigFix)
  • Technical coordination and control of the external Security Operations Center (SOC)
  • Close coordination with internal specialist departments (e.g. network, cloud)
  • Technical implementation of regulatory requirements (e.g. DORA) within the SIEM platform
Your strength

You are the "data architect" for security logs and understand how to derive the necessary monitoring requirements from architecture plans (DMZ, ZeroTrust).

Your profile
  • Completed studies in computer science, business informatics (or similar) and at least 3 years of professional experience in the IT security environment OR
  • Completed IT training (e.g. IT specialist) and at least 5 years of professional experience in the IT security environment.
  • Sound experience in the administration and engineering of SIEM platforms (ideally Splunk) and log management solutions (ideally Cribl) based on Linux (RHEL)
  • Experience in vulnerability management (e.g. Tenable)
Contextual knowledge

You do not need to administer the following systems yourself, but understand how to tap into and interpret their data:

  • Firewall & VPN (Check Point / Forcepoint)
  • Network Access Control (Forescout)
  • Virtual Network Environments (VMware NSX)
  • Cloud platforms (Hyperscaler)
  • Very good knowledge of German (written and spoken)
  • Good knowledge of English (written and spoken)