Senior SOC Engineer
Вакансия № 31769669 в населенном пункте (городе) Алматы, Казахстан от компании "ТОО inDrive" на сайте Мультирегиональный Электронный Центр Занятости Населения (ЦЗН).
Репутация компании "ТОО inDrive" в отзывах работников:
Читайте свежие отзывы сотрудников об этой организации на этом сайте.
Оставить мнение об этом работодателе без регистрации бесплатно на этом сайте.
Обязательное требование к опыту работы искомого сотрудника: 3–6 лет.
График работы: полный день.
Тип занятости: полная занятость.
Вакансия № 31769669 добавлена в базу данных: Пятница, 24 мая 2024 года.
Дата обновления этого объявления: Воскресенье, 2 июня 2024 года.
| Рейтинг вакансии: 33,33 из 100 баллов |
Адрес вакантного места работы: Алматы, улица Каныша Сатпаева, 22/1.
Работодатель предложит заработную плату по результатам собеседования с соискателем работы.
We are looking for an experienced Senior SOC Engineer.
inDrive is an international technological platform for transport and personal services. We are one of the top 2 mobile travel booking services in the world with over 150 million installs, over 2 billion trips, 600+ cities in 45+ countries.
inDrive is a product used by tens of millions of people every month. They make urban or intercity trips, order cargo transportation or courier delivery, look for work and call handymen to provide household services.
Responsibilities:
- Develop, review and improve correlation rules for SIEM to detect malicious activity in different parts of infrastructure
- Review and update response playbooks for SIEM alerts and information security incidents
- Develop new microservices to automate SOC tasks and duties and improve existing ones in terms of stability, efficiency and scalability
- Analyze the current SOC activities, generate the automation proposals, develop the architecture of future solutions
- Research the new technologies and their applicability in SOC, lead the implementation of such technologies
- Respond to SIEM alerts and participate in security incidents investigations together with other members of the SOC team
Requirements:
Who we are looking for:
- Experience working with at least one of the popular SIEM solutions (Splunk, ArcSight ESM, QRadar, etc.) as an engineer or analyst
- Experience in developing and optimizing SIEM correlation rules to detect malicious activity
- Understanding of tactics, techniques and procedures (in accordance with the MITER Attack matrix) used at different stages of hacker attacks (initial access, lateral movement, privilege escalation, persistence, etc)
- Middle and higher Python level
- Experience designing simple, scalable, and efficient microservices in Python or Golang
- Ability to work with documentation (+ ability to quickly understand any library)
- Experience with Github or Gitlab
- English at the level of reading technical documentation
What makes you a better fit:
- Experience in developing detection rules for SIEM for Cloud (AWS/GCP) and Kubernetes infrastructure
- Knowledge and experience with asynchrony mechanisms in Python (asyncio, aiohttp, FastApi)
- Ability to build modular and extensible architecture, experience in using various architectural patterns
- Experience with Github Actions, Gitlab CI or other CI/CD systems
- Experience with Docker, writing Docker-compose files
- Experience writing Helm Charts, deploying services in K8S via Helm
-
Professional certificates in practical information security in offensive and defensive area
Skills Tags: Splunk, SIEM, Linux, Falco, Osquery, Auditd, Docker, Kubernetes, Helm, AWS, GCP, Python, Golang, Windows, Sysmon, Elastic, Mitre Attack, MacOS, Github, Ansible, Terraform
We offer:
- Relocation to company offices in Cyprus or Kazakhstan;
- Modern MacBook Pro and other equipment necessary for work;
- Unlimited opportunities for professional and career growth, regular external and internal training from our partners;
- Personal growth programs in which we set goals and move towards them together;
- Become part of an international team of professionals and just good people who together create one of the coolest success stories in the global IT industry.
Разместить Ваше резюме сейчас ...
Написать в компанию ...