Description
We are looking for a Senior Security Engineer who will provide operational leadership and support for the group's SIEM infrastructure.
As a member of the Security Operations Team, the candidate will work closely with their direct manager to identify potential detection use cases and generate metric reports.
Responsibilities
- Ownership of the SIEM infrastructure, including monitoring health status and proper sizing
- Optimal operation of SIEM filters, rules, expressions, reports, data monitors and the other detection mechanisms of the threat and vulnerability management technologies
- Take ownership of the SIEM infrastructure and services: identifying potential use cases, onboarding new log sources and delivering meaningful alerts to our SOC
- Generation of weekly reports to spotlight recurring and potential attacks
- Operational ownership of SOAR infrastructure and automation playbooks
- Analysis, design, development and delivery of solutions that stop adversaries
- Threat identification
- Investigation of incidents and alerts generated by the SIEM
- Execution of purple-team exercises in collaboration with colleagues on our internal and external infrastructure, including AAD, web applications, cloud solutions, networks and more
Requirements
- A minimum of 3 years of experience in Security Engineering
- At least 1 year of SIEM administration experience with ArcSight
- PNPT and/or OSCP certification, or equivalent knowledge
- Demonstrated familiarity with attack vectors, vulnerabilities and detection content creation
- Proven knowledge and experience as a SOC analyst (L2-L3)
- Fluent English communication skills at a B2+ level
Nice to have
- SIEM administration experience with other tools
We offer
- We connect like-minded people:
  - Delivering innovative solutions to industry leaders, making a global impact
  - Enjoyable working environment, whether it is the vibrant office or the comfort of your own home
  - Opportunity to work abroad for up to two months per year
  - Relocation opportunities within our offices in 50+ countries
  - Corporate and social events
- We invest in your growth:
  - Leadership development, career advising, soft skills and well-being programs
  - Certifications, including GCP, Azure and AWS
  - Unlimited access to LinkedIn Learning, Get Abstract, O'Reilly, Cloud Guru
  - Free English classes with certified teachers
- We cover it all:
  - Participation in the Employee Stock Purchase Plan
  - Monetary bonuses for engaging in the referral program
  - Comprehensive medical & family care package
  - Five trust days per year (sick leave without a medical certificate)
  - Benefits package (sports activities, a variety of stores and services)
EPAM Georgia is a team of innovators united by a passion for technology. The dynamic and inclusive culture we embrace helps positively impact our communities, clients, and employees.
Here you will collaborate with multi-national teams, contribute to numerous cutting-edge projects, deliver the most creative solutions, and have an opportunity to learn.
Our people are at the heart of our success, and we are proud to give our talent a solid foundation on which to develop and grow.