We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team.
As a Security Operations | SIEM Engineer, you will be responsible for Detection & Response infrastructure, Threat Intelligence, SIEM Integrations, establishing new rules and implementing tools for security monitoring at the infrastructure level.
Responsibilities: Develop, manage and maintain a SIEM system and related tools for security event monitoring, alerting and incident analysis
Configure and optimise the process of data collection, correlation, and analysis from various sources (systems, applications, networks)
Develop and implement rules to detect potential threats and anomalies
Participate in responding (escalation) to information security incidents, investigate threats, and prepare recommendations
Participate in the configuration of SIEM integration with various security systems (EDR, Firewall, IDS/IPS, etc)
Continuously improve monitoring and analytical processes based on best practices in information security
Ensure compliance with internal security policies and regulatory requirements (PCI DSS, ISO 27001, GDPR, etc.)
Develop and maintain internal documentation (document procedures, best practices and go-forward solutions to ensure effective knowledge sharing and improvement of existing tools and processes)
General Requirements: 3+ years proven experience in the field of information security and defensive security-related roles
Knowledge of/experience with international information security standards, methodologies and frameworks: ISO 27001, PCI DSS, GDPR, NIST, MITRE, CIS Controls/Benchmarks, etc.
A Bachelor's degree is strongly preferred, specifically in Information Security, Information Technology, Computer Science or a related field
Relevant information security certifications are a plus
Skill Requirements: Strong knowledge of information security: fundamental concepts, architectures, tools, processes and operations (monitoring, IR, TI, TH, etc), information security threats and vulnerabilities, and countermeasures and associated operational best practices
Hands-on experience with network (firewalls and IDS/IPS systems) and endpoint security (Operation systems and EDR/EPP), security alert triage, event logs, writing correlation rules, and creating dashboards
Knowledge, practical skills and experience with security monitoring tools/systems
Experience with building, configuring, and managing SIEM and related tools
Experience with container environments, virtualisation and message brokers
Experience with various APIs and scripting (Bash, Shell, Powershell, Python, Ruby)
Basic knowledge of ethical hacking methods and penetration testing
Experience with security automation tools (SOAR), automation systems (IaC) and understanding CI/CD is a plus
What you get in return: You will join the company that cares about work and life balance
Annual Bonus based on the performance review cycle
Generous Annual Leave Policy
Medical Insurance and Pension fund, with additional benefit packages based on the location
Hybrid working model with full flexibility
Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.
#J-18808-Ljbffr