Oversees the strategy, engineering, and operations of the company’s global security logging and monitoring platform (SIEM), including UEBA and related observability pipelines. This position is responsible for establishing and continuously improving a security logging strategy that is aligned to and supports prevailing legal, technical, and functional requirements. This position will also be responsible for objectively evaluating, selecting, and evolving tools, platforms, and processes required to effectively execute on the approved strategy together with the team of platform engineers. Additionally, the position will coach the team of platform engineers and establish a co-operative working environment in which value is delivered more efficiently. The successful candidate will possess a strong, diverse technical background in logging platforms coupled with experience in enterprise architecture, agile leadership and cyber security.
Responsibilities:
Ownership of the design, operation, processes and sustainment of security logging, monitoring (SIEM) and UEBA platforms incl. related observability pipelines throughout the enterprise to support the company’s Cyber Defense Center capabilities
Maintain a security logging & monitoring strategy that agrees with prevailing legal, technical, and functional requirements, ensuring implementation in an agile setup
Maintain overall industry knowledge on latest trends, technology, processes, and methods and serve as a subject matter expert for Bayer
Continuously evaluate overall market capabilities to ensure not only technology currency, but also the use of best-of-suite platforms, tools, and processes
Ownership of best practices relating to security logging & monitoring incl. UEBA standards
Partner with stakeholders to establish, maintain, and continuously improve monitoring, alerting, and reporting processes
Identify opportunities to automate event detection and, where possible, the handling of detected events to enhance response times and reduce human error and rework
Partner with stakeholders to onboard data sources necessary for the development and sustainment of dashboards, reports, alerts, and KPIs needed to support security visibility throughout the organization
Determine and implement KPIs and metrics which show the value of and health state of the platform to internal stakeholders and allow timely reaction of the Operations team members to fix possible issues
Objectively evaluate and select the products, platforms, and tools required for the effective execution of the logging & monitoring strategy. This includes periodically re-evaluating currently adopted tools for continued efficacy in relation to the evolving strategy
Hire, develop, and lead operations & engineering team members on best practices pertaining to logging & monitoring platforms, independent of reporting lines
As a true leader, foster collaboration across the operations & engineering team members and coach team members to continuously learn and evolve
Process ownership of the development, maintenance, approval, and publishing of relevant operational SOPs, Change Management procedures, and any necessary training
Requirements (expected):
10+ years of experience in IT infrastructure, IT Security, or related field
Expert level knowledge of at least one infrastructure monitoring, logging, and analytic platform
Expert level knowledge is required in all aspects of a large enterprise environment, including but not limited to Network, Operating Systems, Cloud Infrastructure, and Middleware, as well as a solid understanding of enterprise applications.
Solid experience with IT Service Management platforms and clear understanding of ITIL processes such as Incident and Change Management.
Understanding of the functional and technical concepts surrounding relational and NoSQL database platforms
Solid experience with identifying, measuring, and reporting performance metrics in a form that is easily consumable by senior IT Leadership
Ability to work individually, in teams, or to direct the work of others without formal reporting lines, in an organized & structured manner under varying levels of stress
Solid understanding of agile methodologies (e.g. SCRUM) and experience in an agile team environment
High degree of self-learning and self-motivation
Able to conduct risk assessments in case of cyber attacks
Ability to take action for continuous improvement
Excellent communication and presentation skills
Strong command of the English language, both verbal and written.
Offered:
A flexible, remote-hybrid work model
Great workplace in a new modern office in Warsaw
Career development, 360° Feedback & Mentoring programme
Wide access to professional development tools, trainings, & conferences
Company Bonus & Reward Structure
VIP Medical Care Package (including Dental & Mental health)
Holiday allowance (“Wczasy pod gruszą”)
Life & Travel Insurance
Pension plan
Co-financed sport card - FitProfit
Meals Subsidy in Office
Additional days off
Budget for Home Office Setup & Maintenance
Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs
Tailor-made support in relocation to Warsaw when needed
Benefits:
sharing the costs of sports activities
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses