Инженер ИБ (2ая линия SOC)

Basic requirements (education, skills)

Higher technical education
Specialty: information security/information protection
Work experience in information security for at least 2 years
Knowledge of the Windows and Linux operating system at the administrator level;
Knowledge of the principles of SIEM systems
Knowledge of the capabilities and principles of functioning of modern means of ensuring information security
Experience in parsing events for non-standard sources;
Information Security Analyst skills
Understanding of architecture and mechanisms of building computer networks (Ethernet, DNS, TCP/IP, DMZ, FW, etc.)
Ability to work in a team.

What to do (functional responsibilities)

Administration, development and maintenance of the monitoring system;
Connecting new event sources;
Development of incident detection rules and system configuration in accordance with them;
Participation in the resolution of information security incidents, issuing recommendations, interpreting the collected data.
Monitoring and evaluation of the effectiveness of the measures taken and the applied SPI;
Participation in the investigation of information security incidents;
Preparation of summary reports on the results of the work.

What we offer (social package, benefits, bonuses)

Free English language learning within the company;
Fitness Compensation;
Medical services compensation
Table tennis in the office;
Corporate Library;
Activities: football, basketball, summer and winter corporate parties.