Senior SOC Engineer - Security Operations Center (m/f)

Are you passionate about securing global-scale e-commerce services and applications that power millions of customers across hundreds of countries around the globe?

Are you passionate about cutting edge technology, security monitoring, threat detection, incident generation, intrusion analysis, and responding to security events?

If so, we are looking for you to hold a role of a Senior SOC Engineer!

Client Details

Our Client is a global company, operating for more than 20 years on the market. Their sector of operations is e-commerce with reach to more than 180 countries. Together with the expansion of operations follow increase of organizational structure. Hence, Poland was selected as a location for new teams that will secure their operations in Europe.

Description

Choose Your Own Adventure: While SOC will be this individual's primary role, we seek out Information Security Engineers with a broad range of skills who can pivot to other technologies or passionately learn other skills and technologies. You will have the ability to 'choose your own adventure' a percentage of the time in other areas of Cyber Security, including and not limited to: Digital Forensics and Incident Response (DFIR), Incident Handling, SOC and Intrusion Analysis, Automation, Cyber Threat Intelligence, Cyber Defense, and Offensive Security.

Senior SOC Engineer:

• participates in activities including monitoring, detection, incident generation, alerting, and incident response,
• regularly reports to and receives feedback from management, the VSOC, or the MDR platform including detections, escalations, processes, tools, and services,
• supports multiple security-related platforms and technologies utilizing SOAR/Automation, cyber threat intelligence, and threat hunting,
• interfaces with members of the IT organization, other internal business units, and external parties as necessary,
• helps define and tune use cases related to incident generation, threat detection, incident triage, correlation rules, and thresholds,
• participates in the Incident Response process to detect, respond, and contain suspicious or malicious activity.

Profile

• At least 5+ years experience in information security monitoring, incident response, security operations, or related experience.
• A minimum three (3) year of security monitoring, incident response, security operations, Blue Team, Red/Purple Team, and/or MSSP experience, preferred.
• Preferred certifications: GCIH, GCIA, GPEN, GWAPT, CISSP, or equivalent.
• BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems, or comparable training/experience, or a combination of education and equivalent work experience.
• Experience working with a broad range of Cyber Defense security tools, SIEM systems (dashboards, alerts, queries, regex, etc.), threat intelligence platforms, security automation and orchestration solutions (SOAR), intrusion detection and prevention systems (IDS/IPS), web filters, endpoint detection and response (EDR/NGAV), file integrity monitoring (FIM), DLP, cloud platforms (AWS, GCP, Azure), email security, and other network and system monitoring tools.
• Experience with container platforms (Docker, Kubernetes, …) desired.
• Knowledge of IT/Information Security Audit and assessment.
• Knowledge of information security practices and concepts including firewalls, intrusion detection/prevention, EDR, NetFlow analysis, access controls, risk analysis, vulnerability scanning, web content filtering, web proxy systems, DFIR, application whitelisting and data encryption.
• Experience with Microsoft Office Suite (e.g., Word, Excel, PowerPoint, etc.).
• Experience with Google Workspace (e.g., Gmail, Drive, Docs, Sheets, Forms. etc.)

Job Offer