Security Operation Center Engineer
Warsaw, Masovian Voivodeship, Poland
NOMIOS POLAND SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
15. 1. 2025
Job information

technologies-expected :


  • SIEM
  • Splunk
  • Azure
  • AWS
  • Google Cloud Platform

about-project :


  • We are seeking a knowledgeable and driven SOC Engineer to join our expanding Detection & Response Team. This position is key to advancing our ability to monitor, detect, and respond to security threats. As part of the team, you will work with Elastic solutions, integrate diverse data sources, and leverage cloud environments to enhance our threat detection capabilities.
  • This role provides an excellent opportunity to grow in technical expertise, collaborate with a talented team, and make a meaningful impact by safeguarding our clients’ environments from cyber threats.

responsibilities :


  • Design and Deploy: Configure and maintain the SIEM solution, ensuring optimal performance and seamless integration with log sources.
  • Develop and Enhance: Create and fine-tune detection rules, correlation use cases, and dashboards to ensure comprehensive threat visibility.
  • Collaborate and Support: Work closely with the SOC team to align SIEM capabilities with incident response requirements and refine detection methodologies.
  • Optimize Log Management: Integrate diverse log sources, enhance log ingestion, and maintain data processing pipelines for efficiency.
  • Leverage Cloud Expertise: Incorporate logs and telemetry from Azure, AWS, or GCP environments to provide robust cloud monitoring.
  • Utilize Networking Knowledge: Support security operations by integrating IDS/IPS technologies and analyzing network telemetry.
  • Document and Train: Maintain up-to-date documentation for configurations and integrations while mentoring junior team members.
  • Innovate Continuously: Identify opportunities to streamline operations and enhance the SIEM platform’s capabilities.

requirements-expected :


  • If these points describe you, you will thrive in this role:
  • You have experience working with (any of) Elastic SIEM, LogScale, Azure Sentinel or QRadar and are passionate about optimizing its use for advanced detection capabilities.
  • Terms like log integration, IDS/IPS, cloud security, and detection engineering excite you, and you are eager to tackle these challenges daily.
  • You understand how to integrate and optimize data from diverse sources, including network devices, cloud platforms, and endpoints.
  • You stay updated on the latest trends in security technologies, frameworks, and best practices, ensuring your skills and knowledge remain cutting-edge.
  • You are driven to contribute to a collaborative team environment and share your expertise with others.
  • Experience:
      o At least 2 years of hands-on experience with the mentioned SIEM or similar platforms (e.g., Splunk).
      o Experience integrating and configuring IDS/IPS, firewalls, and other security technologies.
  • Technical Knowledge:
      o Proficiency in log source integration from network, endpoint, and cloud environments.
      o Familiarity with cloud platforms like Azure, AWS, or GCP.
      o Understanding of network protocols, firewall configurations, and security frameworks (e.g., MITRE ATT&CK).
  • Soft Skills:
      o Strong analytical skills and problem-solving abilities.
      o Effective communication skills for both technical and non-technical stakeholders.
      o A proactive mindset with a passion for collaboration and innovation.

offered :


  • The opportunity to work with cutting-edge technologies and methodologies in a dynamic SOC environment.
  • Professional growth through access to training, certifications, and hands-on experience.
  • A collaborative and supportive team culture that encourages continuous learning and innovation.
  • Competitive compensation and benefits, including quarterly performance bonuses.
