Security Engineer

Responsible for designing and implementing security solutions within the cloud environment, supporting automation of SOC capabilities, researching, and implementing new technology capabilities.

• Design and implement security solutions for the customer and support onboarding activities in the cloud environment
• Integrate customers’ environments with relevant internal SOC tools (e.g. SOAR, DWH, SIEM)
• Research, assess and implement new technology capabilities
• Perform lifecycle and maintenance related activities (e.g. connectors, health monitoring, detection logic refinement, workbooks, solution blocks)
• Support automation of SOC capabilities in collaboration with stakeholders from different functional units
• Work on data normalization in collaboration with Threat Detection Management functional unit
• Work in collaboration with cloud providers and internal operational teams
• Create and maintain technical documentation, procedures, and user guides

• Collaboration skills in cross-functional teams
• Understanding of Agile methodologies
• Understanding of “infrastructure-as-code” cloud concept
• Excellent English written and verbal skills
• Knowledge and hands-on experience with cloud security products for at least one of cloud providers (Azure, AWS, GCP)
• Understanding of networking principles and commonly used Internet protocols
• Understanding of SIEM functionality and logic behind creating rules and filters, and integration principles with different event sources
• Worked in SOC

Nice to have:

• GIAC Certified Incident Handler SEC504 or similar
• GIAC Certified Forensic Analyst FOR508 or similar
• Any of 600 or 700 SANS courses - intermediate - that would be very good (even if only courses would be)
• Scripting experience (e.g. PowerShell, Python, etc.)