Security Operations Center Engineer

Role Description

– Engage in cyber engineering activities at the infrastructure, application and configuration layers to provision and maintain the security toolset used for the prevention, detection and response to security events.
– Provide input to, help prepare and update a risk-prioritized roadmap of cyber defense improvements at the operational and tactical levels, developing and maintaining plans for those improvements at the direction of the team leads.
– Conduct engineering activities that allow for the prioritized and ongoing prevention and detection of attacks.
– Plan and assist in the build-out of tooling that allows for the conduct of threat hunting, cyber defense assurance testing and malware reverse engineering, assisting directly in malware and vulnerability research.
– Understand emerging threats and assist in providing risk reduction strategies.
– Clearly communicate findings in written gap analysis, planning and reporting documentation.
– Support the information security team in its ability to adopt innovative solutions and technology towards delivering a data-secure environment both internally and externally.
– Support the development of Security Operations Center orchestration to reduce incident detection-to-response times.

Role Requirements

Educational Qualifications and Experience:

Education: Bachelor’s degree in Computer Science, Information Systems, or a related technical field

Role Specific Experience: 3+ years of experience
Experience in IT infrastructure and IT security as well as in the analysis of log data (Unix/Linux derivatives, Windows operating systems, databases)
Experience with log management and SIEM systems – ArcSight ESM preferred
Experience in the analysis, creation and review of SIEM use cases, including source connection and creation of FlexConnectors
Ability to script code and organize data so it can be used for security analysis purposes
Knowledge of threat actors and how they utilize their tools, techniques, and procedures, and how cyber defenses can be engineered to prevent and detect them
Knowledge and/or experience with one or more of the following technologies: Intrusion Prevention, Web Application Firewall, Vulnerability Management, Red Teaming, Application Security, Cloud Security, Containers Security, Linux, Windows Desktop, Windows Server administration, Routing and Switching
Ability to recognize problems and exercise one's own intuition and judgment to find solutions
Strong research background, utilizing an analytical approach
Knowledge of IDPS, SIEM, Endpoint Security, CASB, and other security tools.
Willingness to learn and develop in the security field
Security certification would be considered an advantage (e.g. Security+, GCIA, GCIH, CISSP)
Any other technical certification would be considered an advantage

Required Skills/Abilities:

Fluent in English
High level of responsibility, team spirit and initiative; customer/service-oriented manner
Good communication skills and strong analytical skills, as well as enjoyment in solving complex problems and getting to know new topics
High ability to work under pressure, even under difficult conditions
Good team player with high ability to work in cross-locational and international teams
Willingness to participate in on call services and travel to foreign locations (New York, Singapore, London, Luxembourg)

Benefits

Career development

Work-life balance

Company benefits