Join our companies in their quest to drive powerful, positive, change that endures.

Senior SOC Engineer



Limassol, Cyprus
Posted on Monday, April 22, 2024

Senior SOC Engineer

, Limassol

We are looking for a Senior SOC Engineer to join the team Infra Security.


  • Develop, review and improve correlation rules for SIEM to detect malicious activity in different parts of infrastructure
  • Review and update response playbooks for SIEM alerts and information security incidents
  • Develop new microservices to automate SOC tasks and duties and improve existing ones in terms of stability, efficiency and scalability
  • Analyze the current SOC activities, generate the automation proposals, develop the architecture of future solutions
  • Research the new technologies and their applicability in SOC, lead the implementation of such technologies
  • Respond to SIEM alerts and participate in security incidents investigations together with other members of the SOC team


Who we are looking for:

  • Experience working with at least one of the popular SIEM solutions (Splunk, ArcSight ESM, QRadar, etc.) as an engineer or analyst
  • Experience in developing and optimizing SIEM correlation rules to detect malicious activity
  • Understanding of tactics, techniques and procedures (in accordance with the MITER Attack matrix) used at different stages of hacker attacks (initial access, lateral movement, privilege escalation, persistence, etc)
  • Middle and higher Python level
  • Experience designing simple, scalable, and efficient microservices in Python or Golang
  • Ability to work with documentation (+ ability to quickly understand any library)
  • Experience with Github or Gitlab
  • English at the level of reading technical documentation

What makes you a better fit:

  • Experience in developing detection rules for SIEM for Cloud (AWS/GCP) and Kubernetes infrastructure
  • Knowledge and experience with asynchrony mechanisms in Python (asyncio, aiohttp, FastApi)
  • Ability to build modular and extensible architecture, experience in using various architectural patterns
  • Experience with Github Actions, Gitlab CI or other CI/CD systems
  • Experience with Docker, writing Docker-compose files
  • Experience writing Helm Charts, deploying services in K8S via Helm
  • Professional certificates in practical information security in offensive and defensive areas

    Skills Tags: Splunk, SIEM, Linux, Falco, Osquery, Auditd, Docker, Kubernetes, Helm, AWS, GCP, Python, Golang, Windows, Sysmon, Elastic, Mitre Attack, MacOS, Github, Ansible, Terraform

Conditions & Benefits

  • Relocation to company offices in Cyprus;
  • Modern MacBook Pro and other equipment necessary for work;
  • Unlimited opportunities for professional and career growth, regular external and internal training from our partners;
  • Personal growth programs in which we set goals and move towards them together;
  • Become part of an international team of professionals and just good people who together create one of the coolest success stories in the global IT industry.