Tietoevry Create Ukraine (formerly Infopulse Ukraine)

Tietoevry Create Ukraine welcomes a dedicated and seasoned Security Project Manager to become a key member of our Security team. The ideal candidate will possess substantial experience in overseeing the implementation of security solutions and services for mid-to-large enterprises. A strong grasp of fundamental security concepts and familiarity with global and EU security regulations such as ISO27001, GDPR, NIS2, DORA, CRA, and the AI Act are essential. Additionally, proficiency with the Microsoft XDR stack would be highly advantageous.

Responsibilities

· Manage the delivery of mid-to-large enterprise security solutions and services

· Manage standalone security projects or services as well as security aspects of larger deliveries

· Apply creativity to solve issues and remove barriers to project development

· Act as Service Owner

· Implement quality guidelines, standards, and procedures

· Establish and manage SOC processes and metrics

· Demonstrate advanced leadership and management skills

· Maintain a customer-centric approach

· Ensure good self and team organization

· Oversee direct and indirect team management, including task delegation and control

· Adjust communications for both technical and non-technical audiences

· Exhibit excellent analytical abilities, negotiation, presentation, and organizational/planning skills

· Drive for results by maintaining constant awareness of projects and clients, and keeping product owners focused on milestones

Required Skills & Qualifications

· Bachelor’s degree in Computer Science, Information Security, or a related field

· 4-6 years of hands-on experience in a Security Operations Center (SOC) environment

· Strong, demonstrable experience with SIEM platforms, specifically Microsoft Sentinel

· Experience with other security tools such as EDR solutions (e.g., Microsoft Defender for Endpoint, CrowdStrike), vulnerability scanners, and threat intelligence platforms

· Excellent analytical, problem-solving, and critical thinking skills

· Strong written and verbal communication skills to effectively articulate technical issues to both technical and non-technical audiences

· Advanced level of English

· Ability to work independently and as part of a team in a fast-paced environment

· Stay aware of global and EU security regulations, such as ISO27K, GDPR, NIS2, DORA, CRA, and AI-Act

· Exhibit a proactive, result-oriented personality able to work in a team

The following Certifications would be an advantage

· CISSP (Certified Information Systems Security Professional)

· CISM (Certified Information Security Manager)

· CRISC (Certified in Risk and Information Systems Control)

· CompTIA Security+

· GIAC Security Essentials (GSEC)

· Microsoft Certified: Cybersecurity Architect Expert (SC-100)

· PMI PMP (Project Management Professional)

· ITIL® 4 Foundation / Intermediate

· CCSP (Certified Cloud Security Professional)

Tietoevry Create is seeking talented professionals to join our team as a Middle Network Engineer in Ukraine for remote collaboration.

Areas of Responsibility

• Design, configure, implement and operate complex network and security solutions
• Troubleshoot LAN, WLAN, WAN, VPN, Firewall, NGFW solutions
• Patch management of network solutions
• Network performance and capacity monitoring and improving
• Secure network systems by establishing and enforcing policies, standards and guidelines
• Report on network operational status by gathering and prioritizing information
• Remote support of on-site engineers and end users/customers
• Cooperate with project management teams, engineers and service desk team on a regular basis

Qualifications

• 3+ years of experience in network administration
• 3+ years professional experience maintaining Cisco or Fortinet or Check Point Next-Gen Firewall environment
• Ability to quickly explore, examine and understand network problems and how it affects a customer’s business
• Experience in the use of network monitoring tools with a strong understanding of network protocols
• Solid understanding of L2/L3 protocols (deployment and troubleshooting) such as STP, LACP, L2 security, 802.1x, OSPF, BGP etc
• Solid understanding of TCP/IP stack protocols (DNS, DHCP, SMTP, SNMP, ICMP)
• On-hands experience with Wireless services (deploying and troubleshooting)
• Understanding of VPN solutions and encryption services
• Basic understanding of Windows/Linux OS operation
• Excellent troubleshooting skills, a customer-focused mindset, and the ability to communicate effectively in English

Will be an advantage

• Cisco CCNA certification (CCNP Enterprise will be a huge plus)
• Fortinet NSE 4 certification
• Check Point CCSA certification
• Experience with any of Azure, AWS or GCP public clouds
• Meraki cloud deployment experience
• Automation skills (Python/Bash scripting, API calls programming, Ansible, Terraform, etc.)

Tietoevry Create Ukraine is inviting a talented professional to join our team as a L2 SOC Analyst to join our Security Operations Center (SOC) team. The ideal candidate will have hands-on experience not only with Microsoft Sentinel but also with the broader Microsoft XDR stack, including Defender for Endpoint, Defender for Identity, Defender for Cloud, and Defender for Office 365. 

Areas of Responsibility:

• Incident Analysis:
  • Perform real-time monitoring and analysis of security events and alerts from various security tools, including SIEM (Sentinel), Microsoft Defender Suite, Firewalls, IDS/IPS, WAFs, and other security logs.
  • Analyze telemetry from Microsoft Defender products (Endpoint, Identity, Cloud, Office 365) within Microsoft Sentinel.
  • Utilize Microsoft 365 Defender’s unified incident queue to correlate alerts across Defender products.
  • Conduct in-depth investigations of escalated security incidents, performing root cause analysis to understand the full scope and impact.
  • Correlate data from multiple sources to identify suspicious activities, attack patterns, and potential threats.
  • Distinguish between false positives and true security incidents, prioritizing and escalating as necessary.
• Incident Response & Remediation:
  • Execute incident response procedures, including containment, eradication, and recovery steps.
  • Leverage Microsoft Defender capabilities for containment and investigation.
  • Provide support during and lead security event investigations, collaborating with internal teams (IT, Network, Applications) and other stakeholders when required.
  • Document all activities during an incident, providing timely status updates and preparing comprehensive incident reports.
  • Recommend and assist in implementing corrective actions and security enhancements to prevent future occurrences.
• Documentation & Reporting:
  • Maintain accurate and up-to-date documentation of security incidents, investigations, procedures (SOPs), and playbooks.
  • Generate regular security reports and metrics for management, highlighting key trends and security posture.
• Mentoring & Collaboration:
  • Mentor and guide junior SOC analysts (L1) in their daily tasks, incident triage, and investigation techniques.
  • Share best practices for Microsoft XDR integration and use cases with junior analysts.
  • Collaborate effectively with other cybersecurity teams (e.g., L3 Analysts) and IT operations.
  • Participate in security awareness initiatives and knowledge sharing sessions.
• Shift Work:
  • Work in a 24x7 rotational shift environment, including night shifts and weekends.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 2-4 years of hands-on experience in a Security Operations Center (SOC) environment.
• Strong, demonstrable experience with SIEM platforms, specifically Microsoft Sentinel and IBM QRadar, including:
  • Alert triage, investigation, and incident response.
  • Active incident response including containment, eradication, and recovery steps
  • Rule updates suggestion, creation, tuning, and optimization.
  • Reports generation.
• In-depth understanding of cybersecurity concepts, including:
  • Network security (TCP/IP, firewalls, IDS/IPS, VPNs, proxies).
  • Endpoint security.
  • Cloud security principles (AWS, Azure, GCP).
  • Common attack vectors, threat actor TTPs, and the MITRE ATT&CK framework.
• Proficiency in analyzing various log types (Windows event logs, Linux logs, network device logs, application logs).
• Experience with other security tools such as EDR solutions (e.g., Microsoft Defender for Endpoint, CrowdStrike), vulnerability scanners, and threat intelligence platforms.
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills to effectively articulate technical issues to both technical and non-technical audiences.
• Intermediate level of English is a minimum.
• Ability to work independently and as part of a team in a fast-paced environment.

Would be an advantage:

• Familiarity with Microsoft 365 Defender portal and unified incident management.
• Microsoft Certified: Azure Security Engineer Associate (AZ-500)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Microsoft Certified: Microsoft Identity and Access Administrator Associate (SC-300)
• GIAC Certified Detection Analyst (GCDA)
• CompTIA Cybersecurity Analyst (CySA+)
• IBM Certified Deployment Professional - Security QRadar SIEM