IT Security Analyst

Job

  • Level
    Experienced
  • Job Field
    IT, Security
  • Employment Type
    Part Time/Full Time
  • Contract Type
    Permanent employment
  • Location
    Bonn
  • Working Model
    Hybrid, Onsite
  • Job Summary

    In this role, you will develop signatures and patterns for malware detection, analyze logging data, and implement automated analyses while considering current cyber threats.

    Your role in the team

    • Department I 33 is part of the Federal Security Operations Center (BSOC). This includes, among other services, the collection and analysis of logging and sensor data as well as the detection and mitigation of malware in emails and web traffic.
    • For this purpose, the BSI has developed various systems that are continuously adapted to the threat situation.
    • In particular, the creation and updating of the templates and signatures required for this are the responsibility of Department I 33.
    • The goal is to create sufficient free capacity for the necessary manual analyses by maximizing automation using current products and AI-supported methods, while complying with strict legal requirements.
    • Analysis and evaluation of current 'trends' in the field of detection for the creation of signatures.
    • Identification and evaluation of OSINT information, product developments, and publications on new detection approaches regarding their applicability in the BSOC, as well as prototypical development of new analysis mechanisms for detection.
    • Identification of technical requirements and solutions for automated malware analysis, as well as the design and development of container-based software modules and interfaces, including cross-module and cross-product data exchange formats.
    • Design of the automated creation of detection patterns or signatures based on log and logging data in the context of §§ 8 and 9 BSIG.
    • Development and implementation of services for collecting and managing key figures for the §§ 8 and 9 BSIG report.
    • Procurement and selection of suitable IT sources. Derivation of appropriate influencing factors and development of suitable key figures for description.
    • Collaboration with other operational units of the BSI, e.g., CERT Bund (Computer Emergency Response Team), Mobile Incident Response Teams (MIRT), Technical Analysis / Forensics, Threat Intelligence, Cyber Defense Center, etc.

    Our expectations of you

    Education

    • A completed or nearly completed university degree (Diploma Univ./Master) in the fields of Computer Science, Technical Computer Science, IT Security, Physics, Mathematics, Communications, Electrical Engineering, or Business Informatics.

    Qualifications

    • You are familiar with the main types of cyberattacks and have dealt with the topic of Advanced Persistent Threats (APT).
    • Detailed knowledge in the following areas is an advantage: signature formats such as YARA, ClamAV, or Snort; analysis of programs (especially PE32), scripts (PowerShell, JS, VBS, VBA, etc.), and documents (MS Office, PDF, RTF, etc.); programming (e.g., Python, C/C++, Rust, Bash); installation, configuration, and use of the Elastic Stack.
    • You enjoy working strategically and are able to advance processes in a structured manner.
    • You have a confident and friendly demeanor as well as persuasive oral and written communication skills.
    • In the team, you work openly, are receptive to criticism, and contribute cooperatively as well as proactively to your work.
    • The #TeamBSI benefits from your decisive and goal-oriented working style.
    • You are motivated to learn throughout your life and thereby to continuously develop your skills, abilities, and knowledge.
    • You have very good German and good/very good English language skills, both written and spoken (German at least C1).
    • You are willing to participate in further training and to undertake occasional business trips, considering work-life balance.

    Experience

    • Good knowledge and ideally practical experience in one or more of the following areas: TCP/IP, current network, server, and software technologies (Layer 1-7), common file types (PDF, PE32, DOCX, etc.), operating systems and standard applications, analysis of log data for operational or security monitoring, experience with LLMs and agent-based workflows.

    What we offer

    • A challenging and diverse role with societal added value in shaping a secure digital future for Germany.
    • Work-life balance through flexible working arrangements, the possibility of remote work in Germany, and part-time employment.
    • Targeted onboarding and good development opportunities through training and further education programs for personal and professional qualification.
    • A secure and crisis-proof job, the prospect of civil service, and a versatile health program.
    • A monthly BSI allowance of €200.
    • Support with relocation expenses or separation allowance under certain conditions.
    • A discounted monthly ticket for local public transport (Job Ticket) or alternatively a discounted Germany Ticket.

    Job Locations

    • Location Bonn

      Nordrhein-Westfalen

      Germany

    This is your employer

    Bundesamt für Sicherheit in der Informationstechnik (BSI)

    As the federal cyber security authority, we make sure that people can trust the digital world. With around 1,000 employees to date, we shape information security in digitalization through prevention, detection, and response for government, business, and society.

    Description

  • Company Type
    Established Company
  • Working Model
    Hybrid, Onsite
  • Industry
    Public Service, Unions
  • Location
    Bonn
  • Diversity
    Open for all genders
