This vacancy is already closed
Our client, an international company with a long history that provides system IT solutions for business, is expanding and invites candidates in Kyiv to apply for the position of
Security Operations Engineer (junior to middle level)
The company offers:
- Interesting projects
- A friendly team
- Professional development and career growth
- Stability, official employment and payment system
- Paid medical insurance and sports
- English, German and French courses
- 20 days of paid vacation
- 100% paid sick leave
- A high salary level
- Working hours: 8-hour working day, hybrid (office and home)
- Form of employment: private entrepreneur (FOP), administered by the company
- You will have the opportunity to extend your knowledge, explore, learn and grow in a Security Information and Event Management (SIEM) environment.
- Participate in the integration of the SIEM tool with sources of security incidents – e.g. logs from servers and applications, IDS/IPS, network and security devices.
- Setting up and operating Vulnerability Management system, Antivirus system, etc.
- Performing Compliance management
- Build new use cases and enhance already existing ones, create alerts and monitoring dashboards, build reporting and SOC KPIs.
- Threat hunting activities using all available tools (SIEM, IDS, EDR, etc.)
- Actively detect and identify security weaknesses and determine the required remediation plan
- Work on improvements and/or automation of existing tooling. You will look into evaluation and selection of new tools and supporting assets
- Perform security incident analysis and recommend remediation steps
- Participate in the automation of the prioritization of incidents and the identification of false positives
- Grow professionally, improve your hard and soft skills with further career opportunities.
Qualifications:
- University degree in Information Technology, ideally IT Security related
- At least 2 years of professional experience with IT and Network Security products and services
- Passion for IT security tools, products and services, Network and Server Administration technologies
- Knowledge and experience with administration and hardening of Unix/Linux and Microsoft operating systems
- Knowledge of IT and Information Security principles, techniques and technologies
- Practical knowledge of security systems on the market (e.g. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI, etc.)
- Sound knowledge of Networking protocols and technologies, e.g. TCP/IP, Firewalls, NGFW, Routers, etc.
- Application security and general information security knowledge (e.g. XSS, buffer overflow, URL tampering, SQL Injection, DDoS, Botnets, etc.)
- Proficiency in written and spoken English
- You have basic programming and/or scripting skills (automation)
Will be an advantage:
- Programming and scripting skills (Python, Bash, PowerShell, Perl)
- Experience with collaboration tools / ticketing systems (RT, Jira)
- Familiarity with telco technologies / protocols
- Experience with Endpoint Detection and Response Solutions
- Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
- Experience with IDS/IPS solutions (Security Onion, Snort, Cisco IPS, NGIPS)
- IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
- Experience with SIEM and/or SOAR solutions
Areas of Responsibility
- Manage security Incidents & Vulnerabilities using our SOC ticketing system
- Ensure an adequate problem description for each reported issue.
- Determine and assign the correct severity of each event
- Be responsible for the accuracy of each problem ticket throughout its lifecycle
- Actively follow up and poll for status updates and progress until remediation / ticket closure
- Ensure notable security events are drafted in an agreed report template which is provided monthly to Senior Management
- Log and follow up policy / risk exceptions and exemptions through their lifecycle
- Manage security certificates: track expiry and ensure timely renewal
- Logging and tracking of temporary access or privileges
- Maintain a pentesting calendar and initiate and coordinate pentest activities. You maintain a record of consumed/available pentesting man-days (and costs) and ensure pentest reports are centralized and securely stored
- Initiate, follow up and register evidence of quarterly User Access reviews
- You will also be actively involved in the vulnerability scanning process, analysis and following up with remediation actions
- You initiate and coordinate Risk Assessment following the BICS Risk Mgt Framework
- You will be in charge of setting up and producing a quarterly Risk Management dashboard report
- You explore our big data, analyse trends, identify and maintain meaningful KPIs and dashboards
- You scan for compliance against our policies and standards, log deviations and strive for remediation
- You develop and fine-tune existing security processes and procedures
- You apply automation where required and/or meaningful
- Act as a first-line contact point for various security consultations