Job search on robota.ua

This vacancy is already closed


Security engineer

SOC Prime, Inc.
2 years ago
August 30, 2021
Kyiv

Responsibilities

Ready to:

Develop custom integrations with SIEM, logging and real-time analysis platforms

Develop actionable threat detection content (create custom searches, rules, queries, and dashboards)

Design and create architecture for large-scale SIEM


Requirements

Essential professional experience:

2+ years of experience as a Cybersecurity specialist/IT security specialist/SOC analyst

Experience with SIEM administration/Use case development (any of [from most relevant to least relevant]):

- Splunk

- QRadar

- ArcSight

- Elastic Stack (ELK)


Experience with Cybersecurity solutions (any): Firewalls, IPS, NTA, NDR, WAF, WSG, ESG, VMS, EDR, XDR, EPP, Sandbox, etc.

Experience with log collection, processing and parsing.

Strong background in cybersecurity threats, attack techniques and ways to detect them based on log data

Understanding of MITRE ATT&CK and Cyber Kill Chain frameworks

System administrator or DevOps background: Windows, Unix systems, DBs, Networking

Scripting development (any of Bash, Python, PowerShell, Ruby, etc.)

Regular expressions

Experience with Cloud services (AWS, Azure, GCP)

Intermediate English or higher

Ивашенюк Наталья