International business requires an international corporate philosophy. Are you open to new ideas and do you value cultural diversity? At Raiffeisen Bank International, we are pleased to have more than 16 million customers in 13 CEE countries. And our journey continues – with exciting new issues for us to tackle such as digitalisation and changing customer needs. Join us on our journey.
RBI is fostering its business for the next generation in Information & Cyber Security.
As a crucial part of the Group Raiffeisen Bank International Cyber Defense Center department, this function develops detection and prevention mechanisms to foster our digitalization journey and the business confidence of our customers.
In this position you will be a member of a Group SOC team. This includes engineering and administration of the RBI SIEM Splunk environment. You will lead the implementation of dashboards, Splunk apps, data models and alerts. You will work together with data source owners to integrate data sources and support the requirements for building use cases.
What you can expect:
- Administering Splunk environments and Splunk applications, including developing applications that provide insight into a business process
- Performing maintenance and optimization of existing clustered Splunk deployments
- Provide best practices in adoption, expansion, and operations of Splunk Enterprise and Splunk Cloud
- Monitor operations of the Splunk platform to enable proactive issue identification, response, and resolution
- Recommend and execute improvements to the existing Splunk architecture and design with growth and scalability in mind to optimize performance, stability, reliability, and agility
- Responsible for reporting on current infrastructure status, and planning for future usage
- Communicating with customer stakeholders to include leadership, support teams, and system administrators
- Investigate alerts and anomalies and participate in incident response.
- Assist in defining Operational Security related processes and procedures responsible for implementing processes, providing support to the 24x7
- Support the onboarding process for new infrastructure and business applications within the whole RBI group
What you bring to the table:
- Strong experience in Splunk cluster integration, with a SIEM background
- Strong understanding of onboarding new data sources in Splunk, analyzing the data for anomalies/trends, and building dashboards for key trends
- Solid understanding of network transport protocols and services (TCP/IP, syslog, DNS, ODBC, SFTP, SSH, PKI, etc.)
- Splunk Certified Administrator certification
- Knowledge of Azure Sentinel SIEM Solution
- Professional experience with both Windows and Linux/Unix operating systems
- Practical experience of cloud concepts either using AWS or Azure
- Strong understanding of DevSecOps concepts, full lifecycle development for systems/applications
- Experience automating workflows with Splunk Phantom
- Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision
- A master’s degree in security/engineering, computer science or business information systems or adequate practical experience
- Excellent command of written and spoken English and German
- Experience in a large international banking environment is an asset
What we offer:
- You’ll work in an international team at a leading bank
- You’ll benefit from flexible working arrangements and determine your own work-life balance
- You’ll benefit from the very latest in tailored professional development
- You’ll earn an appropriate salary starting at 47.000 gross p.a. excluding overtime
RBI AG is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ethnicity, race or color, national origin, religion, political or other opinion, gender, sexual orientation or disability.