Associate Vice President - Senior Lead Security Detection Engineer [T500-21564]

About Deutsche Börse Group:

Headquartered in Frankfurt, Germany, Deutsche Börse Group is a leading international exchange organization and market infrastructure provider. They empower investors, financial institutions, and companies by facilitating access to global capital markets.

Their India centre is located in Hyderabad, serves as a key strategic hub and comprises India’s top-tier tech talent. They focus on crafting advanced IT solutions that elevate market infrastructure and services. Deutsche Börse Group in India is composed of a team of capital market engineers forming the backbone of financial markets worldwide.

Your area of work:

In your new position, you will become a member of the Cyber Defense team, part of Group Security. The Cyber Defense team is responsible for all aspects of Security Information and Event Management (SIEM), Computer Emergency Response (CERT), and Security Operations Center (SOC).

As we scale our Extended Detection and Response (XDR) capabilities, we are seeking XDR Specialist with deep expertise in SIEM platforms, security automation/orchestration frameworks to Design and implement advanced detection logic by correlating signals across endpoints, network, cloud, and identity sources to uncover sophisticated threats.

Your responsibilities:

• Develop and maintain detection rules and analytics across multiple telemetry sources (e.g., endpoint, network, cloud, identity).
• Continuously monitor threat signals and anomalies, leveraging XDR capabilities to identify malicious behaviours and tactics.
• In addition, you will support the development of advanced detection content aligned with MITRE ATT&CK and custom threat scenarios, and you contribute to high quality documentation, operational runbooks, and knowledge resources for detection and automation processes.
• Perform gap analysis to identify missing telemetry or detection coverage and recommend improvements.
• Tune detection logic to reduce false positives and enhance fidelity of alerts for faster triage and response.
• Contribute to the creation of automated detection playbooks and workflows to streamline threat identification and escalation.
• Apply log parsing expertise to ensure data is correctly structured and enriched ensuring that detection engineering, automation, and orchestration capabilities are robust, scalable, and aligned with business objectives

Your profile:

• 3+ years of experience working in the field of Cyber Security
• Experience working with XDR platform (Microsoft Defender XDR, Cortex XDR, CrowdStrike XDR or similar)
• Experience working with SIEM platform, implementing use-cases and automation playbooks (Splunk, Sentinel, ArcSight or similar)
• Understanding of security telemetry with a focus on endpoints, network and cloud logs
• Solid technical background and practical knowledge in scripting or query language (KQL, Sigma, Yara, Python or similar) and API integration
• Good knowledge and understanding of Cyber Security technologies, processes, and methodologies (e.g., SIEM, XDR, SOAR, EDR, IDS/IPS, threat analysis, incident response, forensics analysis, Kill Chain, MITRE ATT&CK)
• Excellent analytical skills, creativity, critical thinking, team player, ability to identify problems and propose solutions
• Proficiency in written and spoken English; French and/or German is an asset