The position has been closed by the company

SOC Engineer at Fin Plus Plus

Posted more than 30 days ago

2 years
Pre-Intermediate
Remote work

Translated by Google

Due to the expansion of the team, we are looking for a reliable, intelligent, attentive and responsible SOC Engineer who is ready to join our team.

Your functions will include:

▪ Monitoring dashboards and reviewing security information and event management (SIEM) alerts to identify unusual behavior by network users and hosts

▪ Building analytical queries in the Splunk Enterprise system to identify incidents

▪ Documenting incidents, assessing the damage caused and the extent of the impact

▪ Administration of the Microsoft update system service (WSUS)

▪ Elimination of technical debt by metrics

▪ Participation in the elimination of the consequences of incidents: installing patches, restoring information from backup copies, updating antivirus databases, etc.

▪ Ensuring implementation and improvement of incident monitoring processes

▪ Incident management and incident response



Requirements for the position:

▪ Understanding the basic aspects of ensuring information security (confidentiality-integrity-availability)

▪ Knowledge of standards and best practices in the field of information security (ISO27000, CIS Controls, SANS Top 20 Critical Security Controls, OWASP Top 10, etc.)

▪ Experience in administration of operating systems: Microsoft Windows/Linux

▪ Experience in managing operating system services (AD, Exchange, DNS, DHCP, web-servers, etc.)

▪ Experience with command line utilities tcpdump, iptables (nftables), firewalld

▪ Understanding the lifecycle of incident handling (analysis, impact assessment, resolution)

▪ Understanding the purpose of a security information and event management (SIEM) system

▪ Ability to flexibly manage priorities

▪ Understanding the functions and purpose of cyber security tools (IDS/IPS, FW, WAF, DAF, SIEM, etc.)

▪ Experience working with an endpoint protection solution from one of the leading vendors (Cisco, Symantec, TrendMicro, ESET, etc.)

▪ 2 years or more of work experience as a system administrator or on a 2nd-level support line

▪ Higher education in one of the fields: computer, mathematical or engineering sciences


We offer:

• Salary depends on your level

• 8-hour working day

• Training within the company

• Possibility of career and professional growth


We are waiting for your resume!

Specializations: Security Engineer
Keywords: Security Engineer, Cyber security, Information Security
