We are a highly successful company with great ambitions. We operate in a very competitive market, so every day we look for opportunities to be better. To be faster. Even faster. We never stand aside and are never afraid to try. We have plenty of our own ideas and are very open to fresh ones. Equally important, we have the resources to put them into motion.
— Work with large datasets from different infrastructures;
— Design and implement monitoring/prevention security controls for the company’s new products, features and third-party integrations;
— Analyze current threats and develop mitigation controls;
— Support and develop the SIEM not only as a system, but as a process.

— 2+ years of experience in an IT security specialist/analyst, SOC analyst or SIEM specialist position;
— Experience with SIEM administration and support: Elastic Stack, Splunk;
— System administrator or DevOps background: Unix systems, DBs, AWS, k8s, Git;
— Experience with log collection, parsing and enrichment using Elastic Beats, Logstash, syslog-ng, rsyslog;
— Strong experience in log analysis, correlation and visualization with Elastic Stack tools;
— Scripting in a variety of languages such as Bash, Python, Ruby, Go;
— Use of the MITRE ATT&CK and Cyber Kill Chain frameworks.

— Developing predictive alerts (ML + anomaly detection);
— Playbook analysis and implementation.