Security Operations - SIEM Specialist - Splunk & HP ArcSight

freiberufler Security Operations - SIEM Specialist - Splunk & HP ArcSight auf
auf Anfrage
es  |  en  |  de
60594 Frankfurt am Main


Information Security Specialist with extensive experience in security operations in the financial sector. As a SIEM specialist, my main expertises consist of the development of security solutions and the strategical design of the tool.

Ich biete

IT, Entwicklung
  • IT Sicherheit (allg.)

  • SIEM
  • Splunk
  • Use Case Development
  • Security Operations

Projekt‐ & Berufserfahrung

Cyber Security Operations - Information Security Specialist (Festanstellung)
Deutsche Bank AG, Frankfurt am Main
4/2018 – 6/2020 (2 Jahre, 3 Monate)
IT & Entwicklung

4/2018 – 6/2020


As a SIEM specialist, my main tasks are the development, evaluation, and implementation of content in Splunk – as to provide the security solutions required by the Information Security Office (ISO).
Additionally, I am the Splunk technical lead in my team. Part of my responsibilities include the supervision of use case management and quality control. Furthermore, I oversee the data collection strategy and data quality from an ISO perspective.
As a member of the Cyber Security Operations team, I am highly involved in the day-to-day operations - collaborating with other departments, such as the SOC, Threat Intelligence (TI), and Malware in the resolution of investigations and security incidents.
Other organizational activities of my current role, are the definition and management of the day-to-day operations for the team and the training of new team members.

Eingesetzte Qualifikationen

IT Sicherheit (allg.)

IT Security Consultant (Festanstellung)
CSPI GmbH, Frankfurt am Main
10/2016 – 3/2018 (1 Jahr, 6 Monate)
Financial Services

10/2016 – 3/2018


My main tasks were the development, evaluation and implementation of content in Splunk and HP ArcSight in order to provide the security solutions required by the customer.
During this period, I was involved in a long-term project for a global banking organization. The main points of this project were the migration of the SIEM solution in place from HP ArcSight to Splunk, and the creation of a new SIEM solution. The main activities and responsibilities of this project include:
- Definition of the necessary processes and documentation for creating new content in Splunk.
- Supporting the content migration between the SIEMs.
- Defining the data collection needed for the creation of a SIEM focused on security monitoring.
- Cooperation with Splunk Engineering to develop the data feed on-boarding process.
- Development of new use cases
- Migration of existing use cases
- Tuning and optimization of the existing content.
- Working in cooperation with SOC in order to improve the security monitoring in place.
- Supporting the Threat Intelligence team in the hunting activities: searching bad actors, IOC and/or creating alerting use cases for future detections.

Eingesetzte Qualifikationen

IT Sicherheit (allg.)

IT Security Consultant (Festanstellung)
iT-CUBE SYSTEM AG, Frankfurt am Main
2/2015 – 9/2016 (1 Jahr, 8 Monate)
IT & Entwicklung

2/2015 – 9/2016


The first months of this position were dedicated to my formation, which consists of the following
trainings: HP ArcSight ESM Security Analyst-AESA, HP ArcSight Bootcamp, FlexConnector training, HP ArcSight Logger training, ArcSight Administrator training. Besides these trainings I was carrying out micro tasks to support an existing project.
Customer Period Circa April 2015 I was involved in a large project for a global banking and financial services company.
The main activities and responsibilities of this project include:
- Development and implementation of use cases.
- Tuning and optimization of the existing content.
- Development and deployment of Flex-Connectors
- Working in cooperation with SOC and ArcSight Engineering in the improvement of the SIEM.
- Working in cooperation with different departments and the corresponding subject matter experts in order to carry out new security solutions.

Eingesetzte Qualifikationen

IT Sicherheit (allg.)

Assistant Examiner
European Patent Office, München
2/2012 – 8/2014 (2 Jahre, 7 Monate)
Intellectual Property

2/2012 – 8/2014


My main tasks were classification, reorganization and study of patent documents and scientific literature in the technical field of cryptographic mechanisms for secret or secure communication.

Eingesetzte Qualifikationen

IT Sicherheit (allg.)


GIAC Certified Incident Handler (GCIH
Juni 2019

GIAC Certified Detection Analyst (GCDA)
Oktober 2018

Splunk Power User Certified
Dezember 2016

ComTIA Security+
Juli 2015

ComTIA Network+
Juni 2015

HP ArcSight ESM Security Analyst-AESA
Februar 2015

WiDaF-German as a foreign language in international business (C1)
Januar 2015


Telecommunications Engineering
(Master of Science)
Jahr: 2011
Ort: Vigo, Pontevedra, Spain


- Cybersecurity skills: cryptography, network security, SIEMs, data analytics, endpoint security, threat intelligence, threat analytics, security operations, security operation center, etc.
- Security products: Splunk, HP ArcSight, SEP, FireEye, Tanium, CheckPoint FW & IPS, FireSight, iSight, ProofPoint, Umbrella, McAfee Web Gateway, etc.
- Other technical skills/knowledge: networking, electronics, telecommunications, signal processing, operative systems, software engineering, acoustics, programming, consultancy, etc.
- Computer skills I usually program in C, C++, Matlab and I also have experience in Python, VHDL and Pascal. I have a good command of Windows and Linux.

Über mich

I am a very proactive and dynamic person with good ability to adapt to multicultural environments, gained through my international experiences. I have also developed social and team working skills during my university studies, as well as during my professional period.

Persönliche Daten

  • Spanisch (Muttersprache)
  • Englisch (Fließend)
  • Deutsch (Grundkenntnisse)
auf Anfrage
  • Europäische Union
  • Schweiz
8 Jahre und 9 Monate (seit 02/2012)
2 Jahre


Nur registrierte PREMIUM-Mitglieder von können Kontaktdaten einsehen.

Jetzt Mitglied werden »