Responsibilities:
  • Monitor on-prem and cloud infrastructure for attacks, intrusions, and unusual, unauthorized, or illegal activity;
  • Monitor identity and access management, including monitoring for abuse of permissions by authorized system users;
  • Create SIEM and SOAR detection and remediation scenarios and implement them as detection and response rules. Create, test, and update playbooks;
  • Manage Splunk rules according to incident response reports, root cause analysis, threat hunting reports and business needs;
  • Configure target solutions, or guide system administrators on what needs to be configured on them;
  • Apply best practices to the Splunk environment and connected modules;
  • Help the SOC with day-to-day activities and collaborate actively.
Recruiter: Зінаїда Козачук
Requirements:
  • Minimum 3 years of Splunk experience;
  • Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, network behavior analysis tools, anti-malware, and packet inspection;
  • Good understanding of cloud architecture and of the services that process or send logs to Splunk;
  • Advanced understanding of Windows, Linux, DB, and network device monitoring and logging techniques;
  • Advanced understanding of host and network security hardening, networking protocols, common intrusion techniques, and common risk management concepts;
  • Basic knowledge of malware detection, intrusion detection, and prevention systems;
  • Good TCP/IP knowledge, especially in cloud;
  • Experience with network security will be a plus;
  • Experience with web security will be a plus.
Nice to have:
  • Experience with endpoint protection;
  • Experience with vulnerability scanners;
  • 2 years of IT experience (Information Security or Administration);
  • Experience in writing technical documentation, procedures, and policies;
  • Good knowledge of penetration testing;
  • Good knowledge of 1-2 programming languages.
