Deutsche Bank Technology in Berlin

DB Technology is a global team of tech specialists, spread across multiple trading hubs and tech centres. We have a strong focus on promoting technical excellence – our engineers work at the forefront of financial services innovation using cutting-edge technologies.

Our Berlin location is our most recent addition to our global network of tech centres and growing strongly. We are committed to building a diverse workforce and to creating excellent opportunities for talented engineers and technologists. Our tech teams and business units use agile ways of working to create #GlobalHausbank solutions from our home market.

Central Security Engineering - Threat Response team

The current role is needed in the Central Security Engineering function in the Threat Response team that focuses on strategic onboarding and maintenance of security automation and orchestration tooling. This involves lifecycle management of Security solutions for Monitoring and Response with a focus on Security Orchestration and Automation.

For the CSO data-sources onboarding engineering team, we are looking for a skilled SIEM Cloud Engineer (f/m/x) with Splunk mindset. The successful candidate would be responsible for engineering effort on the data source onboarding process, perform enhancements and take responsibility for the new data source pipeline, parsing and normalization.

->You love this job but feel you cannot tick 100% of the boxes? Send us your CV anyway!

Your key responsibilities

• Data Source Integration & Onboarding: Design, implement, and maintain onboarding pipelines for diverse log sources across Splunk, Chronicle SIEM, and Sentinel platforms
• Develop and optimize parsers, field extractions, and normalization logic to ensure consistent data formatting across platforms
• Collaborate with SOC and threat detection teams to ensure onboarded data supports detection rules, dashboards, and threat hunting capabilities
• Continuously monitor ingestion health, troubleshoot onboarding failures, and resolve parsing or enrichment issues in real-time
• Maintain detailed onboarding documentation of data-sources and configurations

Your skills and experiences

• Hands-on Experience with SIEM Platforms with expertise in Splunk (including SPL), Chronicle SIEM (UDM format), and Microsoft Sentinel (KQL, Log Analytics)
• Cloud & Networking Fundamentals with solid grasp of cloud environments (Azure, GCP) and networking concepts to support data Ingestion from hybrid infrastructures
• Good knowledge of operating system loging (windows, Linux), Network/Security devices (firewalls, IDS/IPS, proxies) and Cloud platforms (GCP, Azure, AWS)
• Log Source Knowledge and familiarity with common log formats (Syslog, JSON, CEF, Windows Event Logs) and security data sources (firewalls, EDR, cloud logs).
• Understanding of Security FrameworksKnowledge of MITRE ATT&CK, NIST, or other frameworks to align data onboarding with threat detection needs.
• Experience with CI|CD tools and SIEM configuration and Infra as Code, Terraform preferred

What we offer

We provide you with a comprehensive portfolio of benefits and offerings to support both, your private and professional needs.

• Emotionally and mentally balanced
  A positive mind helps us master the challenges of everyday life – both professionally and privately. We offer consultation in difficult life situations as well as mental health awareness trainings.

• Physically thriving
  We support you in staying physically fit through an offering to maintain personal health and a professional environment. You can benefit from health check-ups; vaccination drives as well as advice on healthy living and nutrition.

• Socially connected
  Networking opens up new perspectives, helps us thrive professionally and personally as well as strengthens our self-confidence and well-being. You can benefit from PME family service, FitnessCenter Job, flexible working (e.g parttime, hybrid working, job tandem) as well as an extensive culture of diversity, equity and inclusion.

• Financially secure
  We provide you with financial security not only during your active career but also for the future. You can benefit from offerings such as pension plans, banking services, company bicycle or “Deutschlandticket”.

Since our offerings slightly vary across locations, please contact your recruiter with specific questions.

This job is available in full and parttime.

In case of any recruitment related questions, please get in touch with Luisa Moderzinski.

Contact Luisa Moderzinski: +49 (151) 5651-6413

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.