    Senior Security Engineer (SIEM and SOAR)

    Type of work: Full-time
    Experience: Senior
    Employment Type: B2B, Permanent
    Operating mode: Remote

    Tech stack

    • SIEM: advanced
    • GCP: advanced
    • Azure: advanced
    • IT Security: advanced
    • Windows: junior
    • Linux: junior
    • Oracle DB: junior
    • Python: nice to have
    • PowerShell: nice to have

    Job description

    Online interview

    EPAM is seeking a talented Senior Security Engineer experienced in Cyber/Information/Network/Cloud Security in enterprise environments, with substantial knowledge of SIEM and SOAR technologies.

    The ideal candidate should have a background working within an enterprise SOC, with proven hands-on experience configuring SIEM and SOAR to enable detection of security events and incident response. The SOC Engineer will be part of a SIEM engineering practice focused on migration projects for our customers.



    Responsibilities

    • SIEM & SOAR Configuration: Configure SIEM and SOAR solutions, ensuring seamless integration with various security tools, systems, and data sources. Conduct SIEM and SOAR testing and validation
    • Use Cases Development & Implementation: Develop detection use-cases and implement SIEM detection rules. Develop SOAR remediation use-cases. Create, test, and update SOAR playbooks to streamline security operations
    • Log Sources Integration & Threat Hunting: Integrate log sources with SIEM, optimize log ingestion and processing. Perform threat hunting, data enrichment, threat intelligence feeds onboarding, and utilize them for automated responses
    • Documentation & Reporting: Generate reports for both technical and non-technical staff and stakeholders
    • Relentless Improvement: Stay up-to-date with SIEM technologies and identify opportunities for continuous improvement


    Requirements

    • At least 2 years' experience with 1 or more SIEM solutions (Azure Sentinel, Splunk, Google SecOps, QRadar, ArcSight, etc.)
    • Basic knowledge of at least 1 cloud platform (GCP, Azure)
    • Technical knowledge of Internet security, Network protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behaviour Analysis tools, Anti-malware and packet inspection
    • Basic understanding of Windows, Linux, DB, network device monitoring and logging techniques
    • Basic understanding of host and network security hardening, and common security risk management concepts

    Nice to have

    • Proficiency in scripting and automation (e.g., Python, PowerShell), developing API integrations with SIEM/SOAR
    • Familiarity with attack frameworks and knowledge bases, such as the MITRE ATT&CK framework, CAPEC, etc.
    • Experience with leveraging AI assistance in daily security operations
    • Experience with 1 or more SIRP/SOAR tools (Google SecOps SOAR, TheHive, Cortex, Splunk Phantom, Demisto/XSOAR, Resilient, etc.)
    • Knowledge of Splunk Search Processing Language (SPL), Splunk Common Information Model (CIM), YARA-L 2.0, Unified Data Model (UDM), Kusto Query Language (KQL)


    We offer

    We gather like-minded people:
    • Engineering community of industry professionals
    • Friendly team and enjoyable working environment
    • Flexible schedule and opportunity to work remotely within Poland
    • Chance to work abroad for up to 60 days annually
    • Relocation within our 50+ offices

    We provide growth opportunities:
    • Outstanding career roadmap
    • Leadership development, career advising, soft skills, and well-being programs
    • Certification (GCP, Azure, AWS)
    • Unlimited access to LinkedIn Learning, Get Abstract, O’Reilly, Cloud Guru
    • Language classes in English and Polish for foreigners

    We cover it all:
    • Stable income (Employment Contract or B2B)
    • Participation in the Employee Stock Purchase Plan
    • Benefits package (health insurance, multisport, shopping vouchers)
    • Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
    • Referral bonuses
    • Corporate, social and well-being events

    Please note:
    • The set of bonuses might vary based on the role you apply for; specifics will be discussed with our recruiter during the general interview
    • We will reach out to selected candidates exclusively


    EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

    Salary: Undisclosed (B2B, Permanent)
