Product Owner – SIEM Engineering (m/f/diverse)

The company

Commerzbank is a leading international commercial bank with branches and offices in almost 50 countries. The world is changing, becoming digital, and so are we. We are leaving the traditional bank behind us and we are choosing to move forward as a digital enterprise.

As part of this strategy, Commerzbank continues the expansion of its Digital Technology Center in Sofia, Bulgaria. We need motivated people who will join us on this journey, and we are looking for a Product Owner – SIEM Engineering in our Cyber Defense team.

Your tasks:

• Defining and maintaining the SIEM roadmap, aligning with broader threat-driven cybersecurity strategy and priorities.
• Leveraging industry frameworks (such as MITRE ATT&CK) and asset criticality to prioritize, drive and track:
• Onboarding of data sources
• Definition and implementation of use cases
• Designing, developing, and maintaining threat detection use cases across SIEM, EDR, and cloud-native platforms.
• Collaborating with Threat intelligence and Hunting teams to define and prioritize requirements to ensure detection capabilities align with emerging and evolving threats.
• Driving engineering teams to enhance automation, integration and platform functionality.
• Developing and maintaining reporting capabilities.
• Coordinating with global, regional, and functional leadership to ensure alignment and consistent performance across processes and capabilities.

Your profile:

• Strong experience in cybersecurity, including 5+ years in a functional leadership role, preferably within the Banking and Finance industry.
• Deep understanding of industry frameworks such as MITRE ATT&CK, Kill-chain and experience with SIEM platforms.
• Proficiency in designing and optimizing correlation rules, dashboards, and alert workflows to improve detection capabilities.
• Experience with log onboarding and parsing.
• Experience with hybrid cloud and on-premises environments, ensuring comprehensive visibility across all infrastructures.
• Professional certifications such as CISSP or vendor specific like (Splunk, Sentinel, QRadar, LogRhytm) are preferred.
• Proven track record of running and managing Cyber security teams.

In return, we offer:

• Good work-life balance, including 25 days annual paid leave (increasing with 1 day per year up to 31 in total), flexible working hours, work from abroad and work-from-home opportunities;
• Luxury package of additional health and dental insurance;
• Food vouchers in the amount of 128 BGN monthly;
• 6 additional annual days off for exceptional circumstances;
• Employee assistance program for psychological, financial and legal consultations;
• Multisport card;
• Annual contribution of 300 BGN net per child for a summer camp/school/kindergarten for children up to age of 15;
• Possibilities for building career-advancing skills by covering training/certification courses and conferences based on individual learning and development needs, access to an online learning platform;
• Opportunities for long-term professional development in a stable, 150-year-old company while contributing to the vision of a new, just starting Digital Technology Center;
• Friendly and supportive multicultural environment, open to new opinions and ideas.

Commerzbank is proud to be an equal opportunity employer, committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to gender, race, color, national origin, religion, gender identity or expression, sexual orientation, genetics, disability, age, or any other characteristics.

Challenge accepted? Apply now with your up-to-date CV in English!

Only shortlisted candidates will be invited to interview.