EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
We are looking for a Senior Security Engineer to join our Team in Hungary.
The Security Engineer - SIEM role is responsible for providing operational leadership and support for the group SIEM infrastructure. As part of the Security Operations Team, the candidate will work closely with their direct manager to identify potential use cases and report on metrics generated.
Start an exciting new chapter in your career with EPAM!
Responsibilities
- Take ownership of the SIEM infrastructure, monitor the health status and size it properly
- Ensure optimal operation of SIEM filters, rules, expressions, reports, data monitors and other identification mechanisms of the threat and vulnerability management technologies
- Provide operational ownership of SIEM infrastructure & services, identifying potential use cases, implementing new log sources and working to deliver meaningful alerts to our SoC
- Generate weekly reports to highlight recurring and potential attacks
- Provide operational ownership of SOAR infrastructure and automation playbooks
- Analysing, designing, developing and delivering solutions to stop adversaries
- Identifying threats
- Perform investigations on incidents/alerts generated from the SIEM
- Perform purple team exercises on our internal and external infrastructure in collaboration with your colleagues
- AAD, web-applications, cloud solutions, network, etc.
- Minimum one year of SIEM administration experience with ArcSight required
- Certifications or related knowledge: PNPT and/or OSCP
- Demonstrated knowledge of vulnerability management systems and attack vectors
- Strong experience with attack vectors, vulnerabilities, and content creation
- Previous experience in a role of SoC analyst (L2-L3)
- Fluent English communication skills at a B2+ level
- SIEM administration experience with other tools
- Other industry certifications
- Dynamic, entrepreneurial corporate environment
- Diverse multicultural, multi-functional, and multilingual work environment
- Opportunities for personal and career growth in a progressive industry
- Global scope, international projects
- Widespread training and development opportunities
- Unlimited access to LinkedIn learning solutions
- Competitive salary and various benefits
- Advanced wellbeing and CSR programs, recreation area