Security Engineer SOC in Raiffeisen Bank

Our bank is people-centric, focusing on the individual and liberating personal innovative power. It’s our way. We look forward to fostering a lasting relationship with you and our innovation.We are Aval — Raiffeisen Bank Aval — Raiffeisen Bank Ukraine. We are Ukrainian bank. For 30 years, since the first steps of Independence, we have been creating and building the banking system of our country #Together_with_Ukraine. We are one of the largest banks in Ukraine and reliable partner for millions of Ukrainians.We are fully responsible for all tech development and work as the IT company inside of the bank. We achieve high-speed digital products. We implement modern engineering practices, work on innovations that build high-quality interaction with our customers.Our bank is people-centric, focusing on the individual and liberating personal innovative power. It’s our way. We look forward to fostering a lasting relationship with you and our innovation.#RaifTeam. Welcome you to join us!Your responsibilities:Organizing processes of internal SOC:Log-management processes, monitoring and incident management of information securityDevelopment of monitoring scenariosAdministration of monitoring systems and log-managementPreferred qualification:Basics of AWS, Microsoft Defender for EndPointKnowledge of tactics, techniques, and procedures according to MITRE ATT&CKKnowledge of syslog, windows event log collector at the administrator levelBasics of Linux, Windows OS, work principles of commutation equipment and main instruments of security (IPS/HIPS, FW, WAF, Proxy, AV, DLP, IDM)Basics SQL, regex, PythonPrinciples of information security and incident management monitoring organization (use cases, rulebooks/playbooks, response procedures)Knowledge of K8sWill be a plus:Knowledge of OpenSearch/ELK at the administrator or analyst levelKnowledge of instruments and services for AWS logging and monitoring (CloudTrail, CloudWatch, VPC Flow Logs, AWS Security Hub, etc.)Knowledge of ArcSight products (ArcSight ESM 7.X, ArcSight Logger 7.X, ArcSight Command Center 2.X) at the administrator or analyst level, ArcSight connectors development and administrationKnowledge of Splunk at the analyst levelKnowledge basics of Threat Intelligence (MISP)We offer:International business career: work in a large international company that creates a diverse and inclusive environment for professional and personal growth. Strong Raiffeisen community of highly professional and successful teams from different countries.Challenging WOW-projects: involvement into large-scale projects on product development, using modern engineering technologies, unique approach to encouraging customer-driven innovation.Comfortable and safe format of work: flexible work conditions including remote work or hybrid models alternating between in-office hours and remote work. Offices with uninterruptible power supply and bomb shelters are provided to perform duties.Professional development: knowledge sharing with colleagues from abroad, development within the company, upskilling and reskilling opportunities, internal competitions. The possibility of obtaining a T-shaped expertise. Internal and external training programs. Corporate English courses. Soft skills trainings at our corporate L&D academy. Team building activities and involvement in social projects. Attractive social package and well-being: 28 days of paid vacation, medical insurance, official employment. Mental and Physical health support: individual psychological sessions and lectures, -free online workouts, yoga.Stable income: competitive salary and bonuses for your efforts and contribution, rewards for participation in the referral program.Our team on social media:FacebookInstagram__________________________________________________________ We — Aval — Raiffeisen Bank Aval — Raiffeisen Bank Ukraine — Ukrainian bank. For 30 years, since the first steps of Independence, we have been creating and building the banking system of our state #Together_with_Ukraine. We were and are one of the largest banks in the country, a reliable partner for millions of Ukrainians. Raiffeisen Tech is responsible for the technological side of changes at Raifa — it is a kind of IT company within the bank. We increase the efficiency and speed of digital products, introduce modern engineering practices and innovations. We do everything to ensure that the client receives a cool and reliable service. Combining the principles of people-centeredness and innovation in our work is our way. We invite to the team people who will be with us in the movement of innovations. Join the #Raifkomanda! What you will do: Organization of internal SOC processes: Processes of log management, monitoring and management of information security incidents Development of monitoring scenarios Administration of monitoring and log management systems Necessary knowledge and experience :Knowledge at the administrator and analyst level of OpenSearch/ELKKnowledge of AWS logging and monitoring tools and services (CloudTrail, CloudWatch, VPC Flow Logs, AWS Security Hub, etc.)Basics of AWS, Microsoft Defender for EndPointKnowledge of tactics, techniques and procedures according to MITER ATT&CKKnowledge at the administrator level syslog, windows event log collector Basics of Linux, Windows operating systems, principles of operation of switching equipment and basic security tools (IPS/HIPS, FW, WAF, Proxy, AV, DLP, IDM) Basics of SQL, regex, Python Principles of information security monitoring organization and incident management (use cases, rulebooks/playbooks, response procedures)Knowledge of K8sWould be a plus:Knowledge at the administrator and analyst level of OpenSearch/ELKKnowledge of AWS logging and monitoring tools and services (CloudTrail, CloudWatch, VPC Flow Logs, AWS Security Hub, etc.)Knowledge at the administrator level and analytics of the ArcSight product line (ArcSight ESM 7.X, ArcSight Logger 7.X, ArcSight Command Center 2.X), development and administration of ArcSight connectorsKnowledge at the level of a Splunk analystKnowledge of the basics of Threat Intelligence (MISP)We offer: Experience in a large system international business : working for a large international company that creates a diverse and inclusive environment for the professional and personal development of employees. A powerful community of Raiffeisen Bank International, which consists of highly professional and successful teams from different countries. Cool WOW projects: participation in large-scale projects for the development of banking products, using advanced technologies and approaches that will allow our clclients receive the best, most convenient service. Convenient and safe work format: flexible conditions, the ability to work remotely or in a hybrid model (remotely and in the office). To perform your duties, you can use offices with uninterrupted power supply and available bomb shelters. Professional development: exchange of knowledge with colleagues from abroad, development within the company, professional development and retraining, participation in internal selections. The possibility of obtaining a t-shaped examination. Internal and external training. Corporate English language courses. Soft skills training at our corporate academy. Team-building activities and participation in social projects. Social package and Wellbeing program: 28 days of paid basic vacation and additional vacations, health insurance, official employment. Mental and physical health care: individual psychological sessions and group lectures, free online sports classes. Stable income: competitive salary and bonuses for your personal contribution, rewards for participation in the referral program. Our team on social networks: FacebookInstagram