Security Systems Engineer Vacancy

5 vacancies
Specialization: Support
Level: middle
Experience: 2 years
English level: Intermediate
City: Minsk
Team size: 1
Company size: 35500

DESCRIPTION

You are curious, persistent, logical, and clever. You are a talented tier 1-2 security analyst experienced in Cyber/Information/Network/Cloud Security in enterprise environments, with basic-level knowledge of threat analysis of event data from commercial and open-source infrastructure technology platforms. If this sounds like you, then this could be the perfect opportunity to join EPAM as a Security Systems Engineer.

Toolset: Splunk, CarbonBlack, Red Canary, ThreatStack, AWS Guard Duty, AWS Detective, TheHive, Cortex, Nexpose, PaloAlto

What You’ll Do

  • Work in 24/7 environment with rotation-based shifts, including weekends
  • Monitor on-prem and AWS infrastructure for attacks, intrusions and unusual, unauthorized or illegal activity
  • Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
  • Create SIEM and SOAR detection and remediation scenarios, implement them as rules. Create, test and update playbooks
  • Perform threat hunting and support threat intelligence processes
  • Along with security monitoring, perform other security operations activities
  • Generate reports for both technical and non-technical staff and stakeholders
  • Use advanced analytic tools to determine emerging threat patterns and vulnerabilities

What You Have

  • Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tools, anti-malware and packet inspection
  • Understanding of Windows, Linux, DB and network device monitoring and logging techniques
  • Basic understanding of host and network security hardening, networking protocols, common intrusion techniques and common risk management concepts
  • Basic knowledge of malware detection, intrusion detection and prevention systems
  • Experience with 1 or more SIEM solutions (Splunk, QRadar, ArcSight, LogRhythm, ELK, Wazuh, Apache Metron, OSSEC etc.)
  • Familiarity with 1 or more SIRP/SOAR tools (TheHive, Cortex, Phantom, Demisto, Resilient etc.)
  • Experience with network security
  • Experience with Firewalls (F5, Juniper, Check Point, Palo Alto, Cisco)

What We Offer

  • Experience exchange with colleagues all around the world
  • Competitive compensation depending on experience and skills
  • Opportunities for self-realization
  • Unlimited access to LinkedIn learning solutions
  • Free English classes
  • Friendly team and enjoyable working environment
  • Engineering, corporate and social events
  • Social package: professional & soft skills trainings, medical & family care programs, sports
  • Flexible working schedule