Infopulse Ukraine is the largest IT company in Ukraine, providing services for the full life cycle of IT systems as well as telecom infrastructure support services. Our diverse service portfolio and the resulting variety of projects allow us not only to grow steadily but also to offer our employees extensive opportunities for development.
March 2, 2021

Security Operations Engineer (ID:9553) (vacancy inactive)


Required skills

• University degree in Information Technology, ideally IT Security related
• At least 3 years of professional experience with IT and Network Security products and services.
• Passion for IT security tools, products and services, Network and Server Administration technologies
• Knowledge and experience with administration and hardening of Unix/Linux and Microsoft operating systems
• Knowledge of IT and Information Security principles, techniques and technologies
• Practical knowledge of security systems on the market (e.g. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI, etc.)
• Sound knowledge of Networking protocols and technologies, e.g. TCP/IP, Firewalls, NGFW, Routers, etc.
• Application security and general information security knowledge (e.g. XSS, buffer overflow, URL tampering, SQL Injection, DDoS, Botnets, etc.)
• Proficiency in written and spoken English
• Strong analytical and problem-solving skills
• Ability to manage multiple tasks and resources
• Good presentation and communication skills
• You are structured and keen to identify and implement improvements
• You have basic programming and/or scripting skills (automation)
• Flexible and open for fast changes, always willing to learn and improve

Nice to have

• Programming and scripting skills (Python, Bash, PowerShell, Perl)
• Experience with collaboration tools / ticketing systems (RT, Jira)
• Familiarity with telco technologies / protocols
• Experience with Endpoint Detection and Response Solutions
• Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
• Experience with IDS/IPS solutions (Security Onion, Snort, Cisco IPS, NGIPS)
• IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
• Experience with SIEM and/or SOAR solutions


You will have the opportunity to extend your knowledge, explore, learn and grow in:
• Security Information and Event Management (SIEM) environment.
• Participate in the integration of the SIEM tool with sources of security incidents — e.g. logs from servers and applications, IDS/IPS, network and security devices.
• Setting up and operating Vulnerability Management system, Antivirus system, etc.
• Performing Compliance management
• Build new use cases and enhance existing ones, create alerts and monitoring dashboards, build reporting and SOC KPIs.
• Threat hunting activities using all available tools (SIEM, IDS, EDR, etc.)
• Actively detect and identify security weaknesses and determine the required remediation plan
• Work on improvements and/or automation of existing tooling. You will look into evaluation and selection of new tools and supporting assets
• Perform security incident analysis and recommend remediation steps
• Participate in the automation of the prioritization of incidents and the identification of false positives
• Grow professionally, improve your hard and soft skills with further career opportunities.


• Manage security Incidents & Vulnerabilities using our SOC ticketing system.
o Ensure an adequate problem description for each reported issue.
o Determine the correct severity, and identify and assign the severity of the event.
o Throughout the lifecycle of the problem ticket, be responsible for the accuracy of each ticket.
o Actively follow up and poll for status updates and progress until remediation / ticket closure.
• Ensure notable security events are drafted in an agreed report template which is provided monthly to Senior Management.
• Log and follow up policy / risk exceptions and exemptions through their lifecycle.
• Manage security certificates: track expiry and ensure timely renewal
• Logging and tracking of temporary access or privileges
• Maintain a PenTesting calendar and initiate and coordinate the pentest activities. You maintain a record of consumed/available Pentesting man-days (& costs) and ensure PenTest reports are centralized and securely stored.
• Initiate, follow up and register evidence of Quarterly User Access reviews
• You will also be actively involved in the vulnerability scanning process, analysis and following up with remediation actions
• You initiate and coordinate Risk Assessment following the BICS Risk Mgt Framework
• You will be in charge of setting up and producing a quarterly Risk Management dashboard report
• You explore our big data, analyse trends, identify and maintain meaningful KPIs and dashboards
• You scan for compliance against our policies and standards, log deviations and strive for remediation
• You develop and fine-tune existing security processes and procedures
• You apply automation where required and/or meaningful
• Act as a first-line contact point for various security consultations

About the project

Infopulse is currently looking for an Operations Engineer to strengthen our Security Operations Centre (SOC) in Kyiv, which reports into the BICS Security department headquartered in Brussels.