Middle Security Engineer (offline)

Responsibilities
Ready to:

Work in various size environments and infrastructures
Develop custom integrations with SIEM, logging and real-time analysis platforms
Develop actionable threat detection content
Design and create architecture for large scale SIEM


Requirements
Essential professional experience:

2+ years of experience as SIEM engineer, IT security specialist or SOC analyst
Experience with SIEM administration (any of Elastic Stack, Splunk, Azure Sentinel, ArcSight, etc)
Experience with log collection, processing and parsing with Elastic beats, logstash, vector, etc
System administrator or devops background: Windows, Unix systems, DBs
Scripting development (any of Bash, Python, PowerShell, Ruby, etc)
Strong background of analytical content development (Threat Detection Use cases)
Understanding of MITRE ATT&CK and Cyber Kill Chain frameworks
Intermediate English or higher


What we can offer:

- Competitive salary;
- Paid annual leave;
- The ability to attend conferences, webinars, and other events that will enhance your professional skills;
- Regular corporate events and team building;
- English courses;
- Medical insurance;
- Short Fridays;
- A friendly and young team of professionals.

Working conditions:

- 5-day work week;
- 8-hour working day (flexible schedule);
- Spacious comfortable office near the metro and the center of Kyiv;
- Practices of remote work.

About SOC Prime

SOC Prime is the only Threat Detection Marketplace where researchers monetize their content to help security teams defend against attacks faster and more efficiently than ever. Powered by its Detection as Code platform, SOC Prime curates the most up-to-date Sigma-based threat detection content from over 300 researchers and natively delivers it via subscription to 20+ SIEM and XDR platforms at more than 6,000 enterprises, governments and MDRs worldwide.

Company website:
https://socprime.com/

DOU company page:
https://jobs.dou.ua/companies/soc-prime-inc/