Senior Security Engineer Logging SIEM Data Pipelines 100% (f/m/d)

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.

We are seeking a senior security data engineer with deep expertise in SIEM platforms, telemetry pipelines, and security operations tooling to join our global team in Zurich. As the ideal candidate, you combine strong security foundations with a data engineering mindset and are comfortable architecting and operating high-volume, enterprise-scale logging and analytics infrastructure in a regulated financial services environment. You are proactive, technically curious, and thrive in both independent and collaborative work settings.
Your primary responsibilities will involve designing, operating, and evolving our centralised logging and SIEM platforms, building and maintaining data pipelines for intelligent log routing and enrichment, driving SOAR automation, and contributing to the expansion of our security data ecosystem — including early-stage observability use cases. You will work closely with security operations, infrastructure, and application teams to ensure reliable, high-quality data flows from source to insight.

YOUR CHALLENGE

• As part of a dedicated team, architect, operate, and continuously improve the Bank’s centralised logging and SIEM platforms, ensuring high availability, performance, and

• scalability for enterprise-grade data volumes

• Design, build, and maintain telemetry and data pipelines, enabling routing, enrichment, filtering, and multi-destination delivery of security and operational log data while maintaining

• cost-efficiency

• Drive the development and operationalisation of SOAR workflows to accelerate incident response, automate repetitive tasks, and improve security operations efficiency

• Develop and maintain service monitoring, detection content, reports, and dashboards that provide actionable security intelligence to stakeholders across the organisation

• Collaborate with security operations, IT infrastructure, and application teams to integrate new data sources, ensure data quality, and expand platform coverage — including early-stage

• contributions to observability use cases

• Maintain technical documentation including architecture descriptions, runbooks, data flow diagrams, and security parameterisations

• Coordinate the mitigation or resolution of security-relevant platform incidents with internal security stakeholders and external vendors

• Contribute to the development of architecture, standards, and best practices for the centralised logging and telemetry ecosystem

• Provide 2nd and 3rd level engineering support, including participation in an on-call rotation

YOUR PROFILE

• Highly proactive, solution-oriented, and results-driven with strong abstract and conceptual thinking skills

• Structured and goal-oriented approach to work, with the ability to independently assess, prioritise, and resolve complex tasks and requests

• Creative problem solver who challenges the status quo and proposes innovative solutions to existing issues

• Strong communicator who can translate technical complexity into clear guidance for platform users, stakeholders, and cross-functional teams

• Contribute to the development of architecture, concepts, and processes related to the Centralised Logging and Telemetry ecosystem

• Comfortable working across multiple application, infrastructure, and business teams

• Willingness and curiosity to learn new technologies and approaches in a rapidly evolving landscape

• University degree or higher technical education (university of applied sciences, federal diploma) in Computer Science, Information Security, or related discipline — or equivalent

• practical experience

• Minimum 5 years of hands-on experience engineering and administering enterprise SIEM platforms, with experience developing detection content, correlation searches, dashboards,

• and CIM-normalised data models

• Strong experience designing and operating data pipelines and log routing infrastructure, ideally with Cribl Stream or comparable telemetry pipeline tools

• Practical scripting and automation skills with one or more of: Python, Bash/Shell, JavaScript

• Working experience with GIT, SQL, REST APIs, and regular expressions

• Solid understanding of SOAR platforms and security operations automation

• Experience with configuration management tools such as Ansible is an advantage

• Fluent written and spoken English

• Good knowledge of German is a strong plus

We are looking forward to receiving your full job application through our online application tool. Further interesting job opportunities can be found on our Career site.

Is this not quite what you are looking for? Set up a job alert by creating a candidate account here.