Senior Security Engineer

We are looking for a talented Security Engineer experienced in Cyber, Information, Network, and Cloud Security in enterprise environments. A perfect candidate for this position will have basic-level knowledge of threat analysis of event data from commercial and open-source infrastructure technology platforms.

Please note that even though you are applying for this position, you may be offered other projects to join within EPAM Anywhere.

Responsibilities

  • Work in a 24/7 environment with rotation-based shifts, including weekends
  • Monitor on-prem and AWS infrastructure for attacks, intrusions and unusual, unauthorized, or illegal activity
  • Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
  • Create SIEM and SOAR detection and remediation scenarios and implement them as rules
  • Create, test and update playbooks
  • Perform threat hunting and support threat intelligence processes
  • Perform other security operation activities along with security monitoring
  • Generate reports for both technical and non-technical staff and stakeholders
  • Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
  • Work with the following toolset: Splunk, CarbonBlack, Red Canary, ThreatStack, AWS Guard Duty, AWS Detective, TheHive, Cortex, Nexpose, PaloAlto

Requirements

  • Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, network behavior analysis tools, anti-malware, and packet inspection
  • Basic understanding of Windows, Linux, DB and network device monitoring and logging techniques
  • Basic understanding of host and network security hardening, networking protocols, common intrusion techniques, and common risk management concepts
  • Basic knowledge of malware detection, intrusion detection, and prevention systems
  • Experience with 1 or more SIEM solutions (Splunk, QRadar, ArcSight, LogRhythm, ELK, Wazuh, Apache Metron, OSSIM, etc.)
  • Experience with 1 or more SIRP/SOAR tools (TheHive, Cortex, Phantom, Demisto, Resilient, etc.)
  • Experience with network security
  • Experience with Firewalls (F5, Juniper, Check Point, Palo Alto, Cisco)

We offer

  • Competitive compensation depending on experience and skills
  • Work in enterprise-level projects on a long-term basis
  • Full-time remote work (you can work from anywhere you are)
  • Unlimited access to learning courses (LinkedIn Learning, EPAM training courses, regular English classes, Internal Library)
  • Community of 30,100+ of the industry’s top professionals
