EPAM is looking for a skilled Security Engineer with experience in Cyber, Information, Network, or Cloud Security in enterprise environments.
The role requires hands-on expertise in SIEM and SOAR configuration, along with a background in enterprise SOC operations. As part of the SIEM engineering practice, you will work on migration projects and enhance detection and incident response capabilities.
This position offers hybrid setup with the flexibility to work from any location in Lithuania, whether it's your home or our dynamic offices in Vilnius and Kaunas.

#LI-DNI#top-vacancies-10-LT-dec#hot-vacancies-security-lt-dec

Responsibilities

• Configure SIEM and SOAR tools, ensuring smooth integration with security systems. Test and validate their functionality
• Develop detection rules for SIEM and build SOAR playbooks to improve security processes
• Integrate log sources with SIEM, optimize data processing, and perform threat hunting. Use threat intelligence for automated responses
• Prepare reports for both technical and non-technical audiences
• Stay updated on SIEM technologies and identify opportunities for improvement

• At least 2 years of experience with one or more SIEM solutions (e.g., Azure Sentinel, Splunk, Google SecOps, QRadar, ArcSight)
• Basic knowledge of at least one cloud platform (e.g., GCP, Azure)
• Familiarity with monitoring and logging techniques for Windows, Linux, databases, and network devices
• Understanding of internet security, network protocols, and related technologies, including IDS/IPS, firewalls, content filtering, network behavior analysis tools, anti-malware, and packet inspection
• Basic knowledge of host and network security hardening, as well as common security risk management concepts

• Proficient in scripting and automation using tools like Python or PowerShell, with experience in developing API integrations for SIEM/SOAR solutions
• Familiarity with attack frameworks and knowledge bases, including the MITRE ATT&CK framework, CAPEC, and others
• Experience in utilizing AI tools to support daily security operations
• Hands-on experience with one or more SIRP/SOAR tools (e.g., Google SecOps SOAR, TheHive, Cortex, Splunk Phantom, Demisto/XSOAR, Resilient)
• Knowledge of query and processing languages such as Splunk Search Processing Language (SPL), Splunk Common Information Model (CIM), YARA-L 2.0, Unified Data Model (UDM), and Kusto Query Language (KQL)

• Engineering Heritage: Best-in-class experts sharing a culture of engineering excellence and tackling complex engineering challenges for over 30 years
• Advanced Tech Stack: Innovative projects where you can apply or enhance your expertise in Cloud, Data, AI, and other emerging technologies
• World-Class Clients: Work closely with 295+ of the Forbes Global 2000 on creating disruptive solutions that make a global impact
• Professional Growth: Exceptional support for career development with comprehensive resources for upskilling or reskilling in pioneering practices
• GenAI Community: Strong AI competencies with 600+ experts across 55+ locations driving GenAI-enabled transformation journeys
• Entrepreneurial Culture: If you're passionate and dedicated to improving business transformation, we provide the support you need to bring your ideas to life
• Hybrid Setup: The flexibility to work from any location in Lithuania, whether it's your home or our dynamic offices in Vilnius and Kaunas
• Other Benefits: Additional vacation and trust days, private health insurance, Employee Stock Purchase Plan and more