Detection Platform Principal Engineer

For Digital Hub Warsaw, we are looking for:

Detection Platform Principal Engineer

Oversees the strategy, engineering, and operations of the company’s global security logging and monitoring platform (SIEM), including UEBA and related observability pipelines. This position is responsible for establishing, and continuously improving a security logging strategy that is aligned to and supports prevailing legal, technical, and functional requirements. This position will also be responsible for objectively evaluating, selecting, and evolving tools, platforms, and processes required to effectively execute on the approved strategy together with the team of platform engineers. Additionally, the position will coach the team of platform engineers and establish a co-operative working environment in which value is delivered more efficiently . The successful candidate will possess a strong, diverse technical background in logging platforms coupled with experience in enterprise architecture, agile leadership and cyber security.

Key Tasks & Responsibilities:

• Ownership of the design, operation, processes and sustainment of security logging, monitoring (SIEM) and UEBA platforms incl. related observability pipelines throughout the enterprise to support the company’s Cyber Defense Center capabilities.

• Maintain a security logging & monitoring strategy that agrees with prevailing legal, technical, and functional requirements, ensuring implementation in an agile setup.

• Maintain overall industry knowledge on latest trends, technology, processes, and methods and serve as a subject matter expert for Bayer.

• Continuously evaluate overall market capabilities to ensure not only technology currency, but also the use of best-of-suite platforms, tools, and processes.

• Ownership of best practices relating to security logging & monitoring incl. UEBA  standards.

• Partner with stakeholders to establish, maintain, and continuously improve monitoring, alerting, and reporting processes.

• Identify opportunities to automate event detection and, where possible, the handling of detected events to enhance response times and reduce human error and rework.

• Partner with stakeholders to onboard data sources necessary for the development and sustainment of dashboards, reports, alerts, and KPIs needed to support security visibility throughout the organization.

• Determine and implement KPIs and metrics which show the value of and health state of the platform to internal stakeholders and allow timely reaction of the Operations team members to fix possible issues,

• Objectively evaluate and select the products, platforms, and tools required for the effective execution of the logging & monitoring strategy. This includes periodically re-evaluating currently adopted tools for continued efficacy in relation to the evolving strategy.

• Hire, develop, and lead operations & engineering team members on best practices pertaining to logging & monitoring platforms, independent of reporting lines.

• As true leader, foster collaboration across the operations & engineering team members and coach team members to continuously learn and evolve.

• Process ownership of the development, maintenance, approval, and publishing of relevant operational SOP’s, Change Management procedures, and any necessary training.
 

Qualifications & Competencies (education, skills, experience):

• 10+ years of experience in IT infrastructure, IT Security, or related field

• Expert level knowledge of at least one infrastructure monitoring, logging, and analytic platform

• Expert level knowledge is required in all aspects of a large enterprise environment, including but not limited to Network, Operating Systems, Cloud Infrastructure, and Middleware, as well as a solid understanding of enterprise applications.

• Solid experience with IT Service Management platforms and clear understanding of ITIL processes such as Incident and Change Management.

• Understanding of the functional and technical concepts surrounding relational and No-SQL database platforms

• Solid experience with identifying, measuring, and reporting performance metrics in a form that is easily consumable by senior IT Leadership

• Ability to work individually, in teams, or direct without formal reporting lines the work of others in an organized & structures manner under varying levels of stress

• Solid understanding of agile methodologies (e.g. SCRUM) and experience in an agile team environment

• High degree of self-learning and self-motivation

• Capable to conduct risk assessments in case of cyber attacks

• Ability to take action for continuous improvement

• Excellent communication and presentation skills

• Strong command of the English language, both verbal and written.

What do We offer:

• A flexible, remote-hybrid work model

• Great workplace in a new modern office in Warsaw

• Career development, 360° Feedback & Mentoring programme

• Wide access to professional development tools, trainings, & conferences

• Company Bonus & Reward Structure

• VIP Medical Care Package (including Dental & Mental health)

• Holiday allowance (“Wczasy pod gruszą”)

• Life & Travel Insurance

• Pension plan

• Co-financed sport card - FitProfit

• Meals Subsidy in Office

• Additional days off

• Budget for Home Office Setup & Maintenance

• Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs

• Tailored-made support in relocation to Warsaw when needed

• Please send your CV in English

You feel you do not meet all criteria we are looking for? That doesn’t mean you aren’t the right fit for the role. Apply with confidence, we value potential over perfection

WORK LOCATION: WARSAW AL.JEROZOLIMSKIE 158

Location:

Poland : Mazowieckie : Warszawa  

Division:

CSRM

Reference Code:

816262