In today’s digital age, the safeguarding of information is paramount. For institutions such as Commerzbank, one of Europe’s largest banks, this responsibility is not just a regulatory requirement but a cornerstone of their operations.
An important part of these cybersecurity efforts is happening in Bulgaria – in Commerzbank DTC Sofia. Given the trendy nature of cybersecurity as a topic, In the following article, we explore the roles, purpose, and opportunities within Commerzbank’s cybersecurity department, shedding light on why a career in this field is a compelling opportunity.
What does the cybersecurity team at a bank do?
Cybersecurity at Commerzbank is spread across multiple teams, aligning with the Bank’s adherence to the Separation of Duty security principle. This essentially means that no individual person or group should be able to execute all parts of a transaction or process.
In Sofia, the Bank’s cybersecurity efforts are hosting several critical teams:
- The Security Information and Event Management (SIEM) Engineering Team ensures the operational health of the SIEM platform, managing detection rules, log sources, and service enhancements. They develop security monitoring use cases to manage cyber risks effectively.
- The Vulnerability and Compliance Management (VCM) Team is tasked with scanning all company configuration items for vulnerabilities, this team’s efforts are critical in identifying and mitigating potential security breaches before they occur.
- The Threat Exposure Management Team focuses on identifying how critical assets might be exploited by attackers. They create simulation use cases that provide a hacker’s perspective on potential attacks, enhancing the bank’s defensive strategies.
Why is working in cybersecurity an interesting career nowadays?
In the banking sector, where the stakes of cybersecurity are exceedingly high due to the sensitive nature of financial data, the evolution of cyber threats necessitates a sophisticated and proactive approach to information security. IBM’s Cost of a Data Breach reports have consistently highlighted financial institutions as one of the most affected industries, with substantial financial repercussions following breaches. As banks like Commerzbank manage an ever-expanding array of digital assets—from customer data to transaction records—the need for robust cybersecurity infrastructure becomes a top priority.
“You are taking part in keeping one of the most important resources – information in the form of computer data. As IT data sources are ever-growing and evolving, so are the need of visibility and protection over them. Luckily, not only are the threat actors expanding their toolset – so also we have new solutions, which require up-to-date security specialists to operate them,” says Stefan Dimitrov, SIEM Engineer at Commerzbank DTC Sofia.
Commerzbank DTC Sofia as a location for Cybersecurity career development
Atanas Pishimarov, another important member of the SIEM team, shares his perspective:
” For junior talent who want to be involved in cybersecurity, the atmosphere at the Bank is great. You have all the seasoned veterans in the industry always willing to help and many other young talents also wanting to grow. Having access to the most modern cybersecurity solutions is very rare and valuable for a junior colleague. My focus right now is the integration of an attack simulator software in Commerzbank.”
This is a project that spans both organisational and technical aspects, highlighting the Bank’s proactive approach to cybersecurity.
Commerzbank manages a vast infrastructure that extends beyond traditional banking, encompassing on-premises and cloud solutions. This extensive setup not only provides a rich environment for learning and development but also challenges the team to continually maintain and enhance security measures. Additionally, such an environment provides the benefit of seeing and working with different products and teams, following best practices and strictly controlled processes.
Proactive cybersecurity defence
All members of the cybersecurity team at Commerzbank DTC Sofia agree with the saying that – “prevention is ideal, but detection is a must”. A modern Security information and event management solution such as those developed by the team uses a combination of threat intelligence resources, user behavior analytics, and AI-enhanced incident analysis. “All of this improves our chances of detecting attacks at the earliest stages, enabling us to react even before a malicious event takes place,” Atanas says.
In addition, having an attack simulator and regular vulnerability scan in your environment is a must if you want a strong security level. This piece of software views your network and valuable assets through the eyes of a potential hacker. That is why it is so important for the bank.
One of the significant ongoing projects is the migration of the existing SIEM platform to a more modern solution. This transition is challenging given the diverse technological environment at Commerzbank. However, the team is positive about it: “We are prepared for this challenge and believe the benefits of a modern solution would enhance monitoring capabilities and allow us to focus on security-relevant improvements,” Stefan asserts.
Want to grow your career as a cybersecurity engineer? Explore such and other open positions at Commerzbank DTC Sofia here.
