At least 3 years of professional experience with IT and Network Security products and services
Experience with Security Information and Event Management (SIEM) tools like Splunk, ArcSight, QRadar, etc.
Knowledge and experience with Unix-like/Microsoft operating systems (where you have practical experience hardening them and solid understanding of how they function)
Knowledge of IT and Network Security principles, techniques and technologies
Practical knowledge of security systems on the market (e.g. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI, ...)
Expert knowledge of Networking protocols and technologies, e.g. TCP/IP, Firewalls, NGFW, Routers, etc.
Application security and general information security knowledge (e.g. XSS, buffer overflow, URL tampering, SQL Injection, DDoS, Botnets, ...)
Passion for IT security tools, products and services, Network and Server Administration technologies
Basic programming and/or scripting skills (automation)
Proficiency in written and spoken English
Experience in Telco or a Carrier would be nice, but not a must... We will happily introduce you.
Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
Experience with IDS/IPS solutions (Security Onion, Snort, Cisco IPS, NGIPS)
Programming and/or scripting skills in any of the following: Python, PHP, Bash, PowerShell, Java
IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
University degree in Information Technology, ideally IT Security related
Experience with collaboration tools / ticketing systems (RT, Jira)
Familiarity with Telco technologies / protocols
Experience with Endpoint Detection and Response Solutions
Perform various security related tasks according to standard operating procedures
Participate in the integration of the SIEM tool with sources of security incidents, e.g. logs from servers and applications, IDS/IPS, network and security devices, Vulnerability Management system, Antivirus system, etc.
Build new use cases and enhance existing ones, create alerts and monitoring dashboards, build reporting and SOC KPIs
Develop and fine-tune security processes and procedures
Actively detect and identify security weaknesses and determine the required remediation plan
Strive for improvements and/or automation of existing tooling (look into evaluation and selection of new tools and supporting assets)
Perform security incident analysis and recommend remediation steps
Participate in automating incident prioritization and false-positive identification
Act as a first-line contact point for various security consultations
Infopulse Ukraine is inviting talented professionals to join our project as a Security Operations Engineer in our Kyiv office. The prospective candidate will have an opportunity to join the BICS team on both national and international levels.
We are currently looking for an Operations Engineer to strengthen our Security Operations Centre (SOC) in Kyiv, which reports into the BICS Security department headquartered in Brussels. As a member of that SOC, the selected candidate will perform the Security Operations of both BICS and TeleSign (a recently acquired BICS affiliate).