We are looking for a seasoned Senior Security Software Engineer to join our team at EPAM.
This person will bring a wealth of experience in Cyber, Information, Network, and Cloud Security in Enterprise environments. The ideal candidate will have a solid background in working within an Enterprise SOC and possess hands-on experience in configuring SIEM and SOAR technologies to improve detections and responses to security incidents.

#LI-DNI

Responsibilities

• Configure SIEM and SOAR solutions to integrate seamlessly with various security tools, systems, and data sources
• Conduct tests and validation for both SIEM and SOAR settings
• Develop and implement detection use-cases and SIEM detection rules
• Create and implement SOAR remediation use-cases
• Streamline security operations by creating, testing, and updating SOAR playbooks
• Integrate log sources with SIEM solutions and optimize log ingestion and processing
• Perform threat hunting, enrich data, onboard threat intelligence feeds, and utilize those for automated responses
• Generate reports for both technical and non-technical staff and stakeholders
• Stay informed about the latest in SIEM technologies and seek continuous improvement

• Minimum 3 years of experience with SIEM solutions like Azure Sentinel, Splunk, Google SecOps, QRadar, or ArcSight
• Competency in cloud platforms such as GCP or Azure
• Technical knowledge of internet security protocols, network protocols, IDS/IPS, firewalls, content filtering technologies, and Network Behavior Analysis tools
• Understanding of basic Windows, Linux, DB, network device monitoring, and log techniques
• Familiarity with host and network security hardening and common security risk management concepts
• Fluent English communication skills at a B2+ level

• Proficiency in scripting and automation using Python or PowerShell, and developing API integrations with SIEM/SOAR tools
• Familiarity with MITRE ATT&CK framework, CAPEC and other attack frameworks
• Experience with AI assistance in daily security operations
• Experience with SIRP/SOAR tools such as Google SecOps SOAR, TheHive, Cortex, Splunk Phantom, Demisto/XSOAR, or Resilient
• Knowledge of Splunk SPL, Splunk CIM, YARA-L 2.0, UDM, and KQL

• Career plan and real growth opportunities
• Unlimited access to LinkedIn learning solutions
• International Mobility Plan within 25 countries
• Constant training, mentoring, online corporate courses, eLearning and more
• English classes with a certified teacher
• Support for employee's initiatives (Algorithms club, toastmasters, agile club and more)
• Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)
• Flexible work schedule and dress code
• Collaborate in a multicultural environment and share best practices from around the globe
• Hired directly by EPAM & 100% under payroll
• Law benefits (IMSS, INFONAVIT, 25% vacation bonus)
• Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)
• 13 % employee savings fund, capped to the law limit
• Grocery coupons
• 30 days December bonus
• Employee Stock Purchase Plan
• 12 vacations days plus 4 floating days
• Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)
• Monthly non-taxable amount for the electricity and internet bills