SIEM Operations Engineer

Direct message the job poster from Volkswagen Financial Services Portugal

Who is Volkswagen Financial Services?

It's been more than 70 years since Volkswagen Financial Services AG financed the first Volkswagen vehicles in Germany in 1949. A lot has changed since then, but our core goal hasn't; ensuring we meet the mobility needs of the people.

Volkswagen Financial Services today operates in 48 markets through its various subsidiaries, shareholdings, and joint ventures. Volkswagen Financial Services is the largest provider of automotive financial services worldwide.

At VWFS Porto, we are proud to foster a
- equal workplace, where diversity is celebrated, and every individual is provided with equal opportunities to thrive and succeed.

What do we do?

VWFS Porto is a VWFS AG IT hub, and the first outside Germany. Here we will establish a
- term Business & IT company. Our primary goal is to service all European markets in implementing and maintaining contract management systems and another IT projects in other areas. Our focus is on: Core systems, satellite systems (such as document management systems, collection systems) but also extends to integrations, data, and large project organizations. For this we seek a hands‑on SIEM Operations Engineer.

Objectives

As an SIEM Operations Engineer, you will support the reliable operation of the IBM QRadar platform and its supporting infrastructure. You will learn and execute routine tasks, assist with log‑source lifecycle activities and contribute to documentation and continuous improvement, working closely with senior colleagues.

In this role you will be responsible for:

• Operating and monitoring the IBM QRadar SIEM environment under supervision, including executing documented updates and configuration changes;
• Assisting with the management of a large estate of log sources (≈23, 000): verifying activity, onboarding new sources, decommissioning inactive ones, and ensuring correct parsing and normalization;
• Performing health checks and monitoring of log ingestion, parsing, and system performance;
• Supporting the implementation and testing of logging standards and compliance use cases by preparing test data, executing predefined checks, and documenting results;
• Assisting in basic tasks and routine maintenance of auxiliary systems such as Git
  Lab, rsyslog, and Linux‑based services used in SIEM operations;
• Developing and executing basic scripts (Python or Bash) to automate routine checks, diagnostics, and data collection under guidance;
• Assisting in managing certificate renewals, DNS/NTP configurations, and basic network diagnostics;
• Monitoring and reporting on backup jobs, storage utilization, and system health metrics;
• Supporting patching and upgrade activities for the SIEM platform and supporting infrastructure under supervision;
• Assisting in troubleshooting and resolving platform issues including server reboots, OS‑level errors, disk failures (e. g. , RAID‑related), issues identified via i
  LO, and service outages;
• Participating in on‑call duty rotations after onboarding, contributing to 24/7 operational support with senior backup;
• Collaborating with infrastructure, application, and security teams to resolve issues and improve service delivery;
• Documenting actions and findings in the ITSM platform and contributing to knowledge base updates.

We believe that the right profile for this job should have / be:

• 0–2 years of experience in IT operations, security operations, or security infrastructure support;
• Basic working knowledge of IBM QRadar or similar SIEM platforms;
• Foundational Linux system administration skills and introductory scripting (Python or Bash);
• Exposure to Git and centralised logging systems (e. g. , rsyslog);
• Comfortable working in a high‑availability, security‑focused environment with guidance;
• Strong analytical and troubleshooting mindset; eagerness to learn and follow structured processes;
• Good communication skills and a proactive, team‑oriented attitude;
• IBM QRadar Certification (Associate Administrator) - (recommended);
• Linux Professional Certification Level 1 or equivalent - (recommended).

Nice to have / Considered a plus:

• ITIL 4 Foundation certification or equivalent qualification (foundational knowledge in IT service management);
• Exposure to SIEM tuning and rule optimisation concepts;
• Exposure to cloud‑based logging and hybrid environments;
• Awareness of security frameworks and compliance standards (e. g. , ISO 27001, NIST);
• Familiarity with automation tooling and CI/CD concepts.

Qualifications:

• Bachelor’s degree in IT, Computer Science, or a related field;
• Exposure to Agile methodologies (Scrum, Kanban) and SDLC tools (e. g. , Jira, Confluence);
• Basic understanding of performance monitoring and integration concepts;
• Proficiency in English, both written and verbal.

What we Offer:

• Competitive package including private health insurance, life insurance and meal allowance (pay by meal card);
• Bonuses and benefits depending on performance;
• Schooling allowance and pension scheme;
• Incredible and unique annual company events;
• Opportunity to work on an international project and be part of multicultural and multidisciplinary team;
• Solid performance evaluation and career management methodologies;
• Continuous training – technical and behavioural development.

Seniority level

• Entry level

Employment type

• Full‑time

Job function

• Information Technology

Referrals increase your chances of interviewing at Volkswagen Financial Services Portugal by 2x

Backend + Web Operations Engineer - READ THE TEXT DONT JUST CLICK APPLY

Asset Surveillance and Intelligence Process Engineer

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.