This vacancy has already closed
Responsibilities
Ready to:
Develop custom integrations with SIEM, logging and real-time analysis platforms
Develop actionable threat detection content (create custom searches, rules, queries, and dashboards)
Design and create architecture for large scale SIEM
Requirements
Essential professional experience:
2+ years of experience as a Cybersecurity specialist/IT security specialist/SOC analyst
Experience with SIEM administration/Use case development (any of [from most relevant to least relevant]):
- Splunk
- QRadar
- ArcSight
- Elastic Stack (ELK)
Experience with Cybersecurity solutions (any): Firewalls, IPS, NTA, NDR, WAF, WSG, ESG, VMS, EDR, XDR, EPP, Sandbox, etc.
Experience with log collection, processing and parsing
Strong background in cybersecurity threats, attack techniques and ways of detecting them from log data
Understanding of MITRE ATT&CK and Cyber Kill Chain frameworks
System administrator or DevOps background: Windows, Unix systems, DBs, Networking
Scripting (any of Bash, Python, PowerShell, Ruby, etc.)
Regular expressions
Experience with Cloud services (AWS, Azure, GCP)
Intermediate English or higher
Ивашенюк Наталья