Senior Security Engineer (Cyber Threat Intelligence + SOC Azure Sentinel)
EPAM Systems
Remote
Posted on Friday, May 3, 2024
Description
Are you a skilled Senior Security Engineer with a focus on Cyber Threat Intelligence and SOC Azure Sentinel?
Do you thrive in dynamic, collaborative environments?
If so, we have an exciting opportunity for you!
We're currently seeking a Senior Security Engineer to join our vibrant team.
This role offers the chance to perform thorough reviews of existing use cases, rules, log sources, and log parsers to identify gaps and opportunities for improvement. If you're ready to take your career to the next level, we'd love to hear from you!
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
Responsibilities
- Perform thorough reviews of existing use cases, rules, log sources, and log parsers to identify gaps and opportunities for improvement
- Guide stakeholders with additional recommendations regarding security logs management for cost optimization
- Evaluate and ensure that the developed use cases generate relevant events of interest for the Threat Hunt and Incident Response (IR) team
- Reduce false alerts by tuning/disabling noisy use cases and making alerts manageable for the Security Operations Center (SOC)
Requirements
- Minimum of 3 years of experience in SIEM use case management
- Expertise in Sentinel SIEM, Microsoft XDR and KQL queries
- An in-depth understanding of the MITRE ATT&CK Framework
- Ability to work within a team, share workload and responsibilities
- B2 English level or higher
Nice to have
- Microsoft 365 Defender
- Microsoft Defender for Endpoint
- Sentinel Log Manager
Technologies
- Azure Sentinel SIEM
- Microsoft XDR
- KQL queries
- In-depth understanding of the MITRE ATT&CK Framework
We Offer
- Career plan and real growth opportunities
- Unlimited access to LinkedIn learning solutions
- International Mobility Plan within 25 countries
- Constant training, mentoring, online corporate courses, eLearning and more
- English classes with a certified teacher
- Support for employee initiatives (Algorithms club, Toastmasters, Agile club and more)
- Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)
- Flexible work schedule and dress code
- Collaborate in a multicultural environment and share best practices from around the globe
- Hired directly by EPAM & 100% under payroll
- Statutory benefits (IMSS, INFONAVIT, 25% vacation bonus)
- Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)
- 13% employee savings fund, capped at the legal limit
- Grocery coupons
- 30-day December bonus
- Employee Stock Purchase Plan
- 12 vacation days plus 4 floating days
- Official Mexican holidays, plus 5 extra holidays (Maundy Thursday and Good Friday, November 2nd, December 24th & 31st)
- Relocation bonus: transportation, 2 weeks of accommodation for you and your family and more
- Monthly non-taxable amount for the electricity and internet bills
Conditions
- By applying to our role, you are agreeing that your personal data may be used as set out in EPAM's Privacy Notice and Policy