Senior SOC Engineer
inDrive
Limassol, Cyprus
Posted 6+ months ago
Senior SOC Engineer, Limassol
We are looking for a Senior SOC Engineer to join the Infra Security team.
Responsibilities
- Develop, review and improve correlation rules for SIEM to detect malicious activity in different parts of infrastructure
- Review and update response playbooks for SIEM alerts and information security incidents
- Develop new microservices to automate SOC tasks and duties and improve existing ones in terms of stability, efficiency and scalability
- Analyze the current SOC activities, generate the automation proposals, develop the architecture of future solutions
- Research the new technologies and their applicability in SOC, lead the implementation of such technologies
- Respond to SIEM alerts and participate in security incidents investigations together with other members of the SOC team
Qualifications
Who we are looking for:
- Experience working with at least one of the popular SIEM solutions (Splunk, ArcSight ESM, QRadar, etc.) as an engineer or analyst
- Experience in developing and optimizing SIEM correlation rules to detect malicious activity
- Understanding of the tactics, techniques and procedures (as catalogued in the MITRE ATT&CK matrix) used at different stages of an attack (initial access, lateral movement, privilege escalation, persistence, etc.)
- Middle-level or higher Python proficiency
- Experience designing simple, scalable, and efficient microservices in Python or Golang
- Ability to work with documentation (including the ability to quickly pick up an unfamiliar library)
- Experience with GitHub or GitLab
- English at the level of reading technical documentation
What makes you a better fit:
- Experience in developing detection rules for SIEM for Cloud (AWS/GCP) and Kubernetes infrastructure
- Knowledge of and experience with asynchronous programming in Python (asyncio, aiohttp, FastAPI)
- Ability to build modular and extensible architecture, experience in using various architectural patterns
- Experience with GitHub Actions, GitLab CI or other CI/CD systems
- Experience with Docker, including writing Docker Compose files
- Experience writing Helm charts and deploying services to Kubernetes (K8s) via Helm
- Professional certificates in practical information security, in offensive and defensive areas
Skills Tags: Splunk, SIEM, Linux, Falco, Osquery, Auditd, Docker, Kubernetes, Helm, AWS, GCP, Python, Golang, Windows, Sysmon, Elastic, MITRE ATT&CK, macOS, GitHub, Ansible, Terraform
Conditions & Benefits
- Relocation to company offices in Cyprus;
- Modern MacBook Pro and other equipment necessary for work;
- Unlimited opportunities for professional and career growth, regular external and internal training from our partners;
- Personal growth programs in which we set goals and move towards them together;
- Become part of an international team of professionals and just good people who together create one of the coolest success stories in the global IT industry.