Вакансія Security Operations Engineer 

Infopulse Ukraine is inviting talented professionals to join our project and to work as a full-time Security Operations Engineer in our Kyiv office.

We offer the opportunity to work in professional and challenging working environment in telecommunications sector. The prospective candidate will have an opportunity to join BICS team on both national and international levels.

The main task will consist of SOC (Security Operations Center) use cases analysis, development and implementation, handling security incidents (logging, tracking and ensuring following-up until remediation.

Areas of Responsibility

• Perform various security related tasks according to standard operating procedures
• Participate on interconnecting the SIEM tool with sources of security incidents – e.g. logs from servers and applications, IDS/IPS, network and security devices, Vulnerability Management system, Antivirus system, etc.
• Build new use cases and enhance already existing ones, create alerts and monitoring dashboards, build reporting and SOC’s KPI.
• Develop and fine-tune security processes and procedures
• Actively detect and identify security weaknesses and determine the required remediation plan
• Work on improvements and or automation of existing tooling (look into evaluation and selection of new tools and supporting assets)
• Perform security incident analysis and recommend remediation steps
• Participate on automation of the incidents prioritization and false positives identification
• Act as a first-line contact point for various security consultations

Qualifications

• At least 3 year of professional experience with IT and Network Security products and services, at least one year of professional experience with SIEM platforms and of doing security analytics
• Experience with Security Information and Event Management (SIEM) tools like Splunk, ArcSight, QRadar, etc.
• Knowledge and experience with administration and hardening of Unix/Linux and Microsoft operating systems
• Knowledge of IT and Network Security principles, techniques and technologies
• Practical knowledge of security systems on the market (eg. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI …)
• Expert knowledge of Networking protocols and technologies, e.g. TCP/IP, Firewalls, NGFW, Routers, etc.
• Application security and general information security knowledge (eg. XSS, buffer overflow, URL tampering, SQL Injection, DDoS, Botnets, …)
• Basic programming and/or scripting skills (automation)
• Proficiency in written and spoken English

Will be an advantage

• Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
• Experience with IDS/IPS solutions (Security Onion, Snort, Cisco IPS, NGIPS)
• Programming and scripting skills (Python, Php, Bash, Powershell, Java)
• IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
• University degree in Information Technology, ideally IT Security related.