SIEM Cloud Engineer (f/m/x) - Central Security Engineering

Position Overview

We are a global team of tech specialists in Berlin and a part of Deutsche Bank Technology. We focus on promoting technical excellence and our engineers work at the forefront of financial services innovation using cutting‑edge technologies.

Our Berlin location is part of our global network of tech centres. We are committed to building a diverse workforce and creating excellent opportunities for talented engineers and technologists. Our tech teams and business units use agile ways of working to create global solutions.

Key Responsibilities

• Data Source Integration & Onboarding: Design, implement, and maintain onboarding pipelines for diverse log sources across Splunk, Chronicle SIEM, and Sentinel platforms.
• Develop and optimize parsers, field extractions, and normalization logic to ensure consistent data formatting across platforms.
• Collaborate with SOC and threat detection teams to ensure onboarded data supports detection rules, dashboards, and threat hunting capabilities.
• Continuously monitor ingestion health, troubleshoot onboarding failures, and resolve parsing or enrichment issues in real time.
• Maintain detailed onboarding documentation of data‑sources and configurations.

Your Skills And Experiences

• Hands‑on experience with SIEM platforms, expertise in Splunk (SPL), Chronicle SIEM (UDM format), and Microsoft Sentinel (KQL, Log Analytics).
• Cloud & networking fundamentals with a solid grasp of cloud environments (Azure, GCP) and networking concepts to support data ingestion from hybrid infrastructures.
• Good knowledge of operating system logging (Windows, Linux), network/Security devices (firewalls, IDS/IPS, proxies) and cloud platforms (GCP, Azure, AWS).
• Log source knowledge and familiarity with common log formats (Syslog, JSON, CEF, Windows Event Logs) and security data sources (firewalls, EDR, cloud logs).
• Understanding of security frameworks, knowledge of MITRE ATT&CK, NIST, or other frameworks to align data onboarding with threat detection needs.
• Experience with CI/CD tools and SIEM configuration and infra as code, Terraform preferred.

What We Offer

• Emotionally and mentally balanced – we offer consultation in difficult life situations and mental health awareness trainings.
• Physically thriving – we support you in staying physically fit through health check‑ups, vaccination drives and advice on healthy living and nutrition.
• Socially connected – networking opens up new perspectives, helps us thrive professionally and personally and we strengthen diversity, equity and inclusion.
• Financially secure – pension plans, banking services, company bicycle or “Deutschlandticket” and more.

Contact

In case of any recruitment related questions, please get in touch with Luisa Moderzinski.

Contact Luisa Moderzinski:

EEO Statement

Wir begrüßen Bewerbungen von allen Menschen und fördern ein positives, faires und integratives Arbeitsumfeld.

#J-18808-Ljbffr