Security Operations Engineer

EPAM is seeking a talented security engineer with experience in Cyber/Information/Network/Cloud Security in Enterprise environments and decent-scale knowledge of SIEM and SOAR technologies. The ideal candidate should have a background working within an Enterprise SOC and proven hands-on experience in SIEM and SOAR configuration to enable detection of security events and incident response.

#LI-DNI

Responsibilities

• SIEM & SOAR Configuration: Configure SIEM and SOAR solutions, ensuring seamless integration with various security tools, systems, and data sources; Conduct SIEM and SOAR testing and validation
• Use Cases Development & Implementation: Develop detection use-cases and implement SIEM detection rules; Develop SOAR remediation use-cases; Create, test, and update SOAR playbooks to streamline security operations
• Log Sources Integration & Threat Hunting: Integrate log sources with SIEM, optimize log ingestion and processing; Perform threat hunting, data enrichment, threat intelligence feeds onboarding, and utilize them for automated responses
• Documentation & Reporting: Generate reports for both technical and non-technical staff and stakeholders
• Relentless Improvement: Stay up-to-date with SIEM technologies and identify opportunities for continuous improvement

Requirements

• At least 3 years experience with one or more SIEM solutions (Azure Sentinel, Splunk, Google SecOps, QRadar, ArcSight, etc.)
• Knowledge of at least 1 cloud platform (GCP, Azure)
• Technical knowledge of Internet security, Network protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tools, Anti-malware and packet inspection
• Basic understanding of Windows, Linux, DB, network device monitoring and logging techniques
• Basic understanding of host and network security hardening, and common security risk management concepts

Nice to have

• Proficiency in scripting and automation (e.g., Python, PowerShell), developing API integrations with SIEM/SOAR
• Familiarity with attack frameworks and knowledge bases, such as the MITRE ATT&CK framework, CAPEC, etc
• Experience with leveraging AI assistance in daily security operations
• Experience with 1 or more SIRP/SOAR tool (Google SecOps SOAR, TheHive, Cortex, Splunk Phantom, Demisto/XSOAR, Resilient etc.)
• Knowledge of Splunk Search Processing Language (SPL), Splunk Common Information Model (CIM), YARA-L 2.0, Unified Data Model (UDM), Kusto Query Language (KQL)

We offer

• Career plan and real growth opportunities
• Unlimited access to LinkedIn learning solutions
• International Mobility Plan within 25 countries
• Constant training, mentoring, online corporate courses, eLearning and more
• English classes with a certified teacher
• Support for employee's initiatives (Algorithms club, toastmasters, agile club and more)
• Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)
• Flexible work schedule and dress code
• Collaborate in a multicultural environment and share best practices from around the globe
• Hired directly by EPAM & 100% under payroll
• Law benefits (IMSS, INFONAVIT, 25% vacation bonus)
• Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)
• 13 % employee savings fund, capped to the law limit
• Grocery coupons
• 30 days December bonus
• Employee Stock Purchase Plan
• 12 vacations days plus 4 floating days
• Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)
• Monthly non-taxable amount for the electricity and internet bills

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
By applying to our role, you are agreeing that your personal data may be used as in set out in EPAM's Privacy Notice and Policy.