Lead Security Systems Engineer (SOC)
EPAM Systems
Lead Security Systems Engineer (SOC) Description
EPAM is seeking a seasoned Security Lead with a strong SIEM deployment and migration background. The ideal candidate will have good experience in architecture, design, implementation, migration and optimization of modern SIEM solutions in highly regulated environments like finance and insurance among others. The ideal candidate should also have a background, working within an Enterprise SOC with proven hands-on experience in detection and response to security events and incidents.
The role involves working closely with the client to understand the current and target state of its SIEM solutions. The most successful candidate will be a strong technologist with a practical approach to designing SIEM solutions within large enterprises. This candidate must be able to collaborate effectively with the client’s cyber security teams and SOCs to deliver optimal results. In addition, the SIEM Lead must be able to communicate clearly and successfully, with a demonstrated understanding of the client’s business and technical requirements.
Responsibilities
- SIEM Deployment & Configuration: Lead the design, deployment, and configuration of SIEM solutions, ensuring seamless integration with various security tools, systems, and log sources
- SIEM Migration: Plan and execute SIEM migration projects, including data transfer, log source integration, rule/alert migration, and configuration tuning
- Use Case Development: Develop, customize, and fine-tune SIEM use cases, correlation rules, dashboards, and reports to effectively detect threats and suspicious activities
- Log Source Integration: Integrate diverse log sources such as firewalls, IDS/IPS, antivirus, cloud services, applications, and operating systems into the SIEM for comprehensive monitoring
- Incident Response Support: Collaborate with the SOC (Security Operations Center) team to support further use case creation and fine-tuning according to SOC team requirements
- Performance Optimization: Regularly review and optimize SIEM performance to ensure efficient log collection, storage, processing, and alerting
- Documentation & Reporting: Maintain comprehensive documentation for SIEM configurations, integrations, and migration processes, providing regular reports on SIEM performance
- Training & Knowledge Sharing: Train and mentor junior security engineers and SOC analysts on SIEM use, best practices, and troubleshooting
- Collaboration: Work closely with IT, security, and network teams to ensure the SIEM platform aligns with security strategies and goals
Requirements
- At least 8 years of experience in cyber security, most of it specialized in engineering SIEM solutions and working in a SOC
- Expertise in SIEM engineering and architecture, with a focus on Splunk or another leading SIEM solution such as Microsoft Sentinel, QRadar, ArcSight or LogRhythm
- Experience in managing the full delivery lifecycle for SIEM enhancements and automation, including work on converged SIEM solutions that incorporate SOAR and XDR capabilities
- Proficiency in integrating log sources and developing correlation rules, alerts, and dashboards
- Experience working in cloud environments (AWS, Azure, GCP) and integrating cloud logs into SIEM solutions
- Understanding of security frameworks (MITRE ATT&CK, NIST) and basic knowledge of regulatory compliance (GDPR, PCI-DSS)
- Knowledge of network protocols, firewalls, IDS/IPS, endpoint security, and threat intelligence
- The ability to understand the client’s needs, their specific security challenges, and the regulatory landscape to provide tailored solutions
- Ability to communicate complex technical concepts effectively to clients, build trust, and establish strong relationships
- Ability to manage stakeholders at various levels, from technical staff to senior executives
- Ability to work effectively with teams from different departments within large organizations and enterprises
- Skill in facilitating discussions, resolving conflicts, and building consensus among stakeholders with diverse perspectives
- Ability to make informed decisions based on evidence
We offer
- Career plan and real growth opportunities
- Unlimited access to LinkedIn learning solutions
- International Mobility Plan within 25 countries
- Constant training, mentoring, online corporate courses, eLearning and more
- English classes with a certified teacher
- Support for employee initiatives (Algorithms club, Toastmasters, agile club and more)
- Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)
- Flexible work schedule and dress code
- Collaborate in a multicultural environment and share best practices from around the globe
- Hired directly by EPAM & 100% under payroll
- Law benefits (IMSS, INFONAVIT, 25% vacation bonus)
- Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)
- 13% employee savings fund, capped to the law limit
- Grocery coupons
- 30 days’ December bonus
- Employee Stock Purchase Plan
- 12 vacation days plus 4 floating days
- Official Mexican holidays, plus 5 extra holidays (Maundy Thursday and Friday, November 2nd, December 24th & 31st)
- Monthly non-taxable amount for the electricity and internet bills
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
By applying to our role, you are agreeing that your personal data may be used as set out in EPAM’s Privacy Notice and Policy.