Siem Engineer
7 giorni fa
EmiliaRomagna, Italia
Buscojobs
A tempo pieno
We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team.
As a Security Operations | SIEM Engineer, you will be responsible for Detection & Response infrastructure, Threat Intelligence, SIEM Integrations, establishing new rules and implementing tools for security monitoring at the infrastructure level.
Responsibilities:
- Develop, manage and maintain a SIEM system and related tools for security event monitoring, alerting and incident analysis
- Configure and optimise the process of data collection, correlation, and analysis from various sources (systems, applications, networks)
- Develop and implement rules to detect potential threats and anomalies
- Participate in responding (escalation) to information security incidents, investigate threats, and prepare recommendations
- Participate in the configuration of SIEM integration with various security systems (EDR, Firewall, IDS/IPS, etc)
- Continuously improve monitoring and analytical processes based on best practices in information security
- Ensure compliance with internal security policies and regulatory requirements (PCI DSS, ISO 27001, GDPR, etc.)
- Develop and maintain internal documentation (document procedures, best practices and go-forward solutions to ensure effective knowledge sharing and improvement of existing tools and processes)
General Requirements:
- 3+ years proven experience in the field of information security and defensive security-related roles
- Knowledge of/experience with international information security standards, methodologies and frameworks: ISO 27001, PCI DSS, GDPR, NIST, MITRE, CIS Controls/Benchmarks, etc.
- A Bachelor’s degree is strongly preferred, specifically in Information Security, Information Technology, Computer Science or a related field
- Relevant information security certifications are a plus
Skill Requirements:
- Strong knowledge of information security: fundamental concepts, architectures, tools, processes and operations (monitoring, IR, TI, TH, etc), information security threats and vulnerabilities, and countermeasures and associated operational best practices
- Hands-on experience with network (firewalls and IDS/IPS systems) and endpoint security (Operation systems and EDR/EPP), security alert triage, event logs, writing correlation rules, and creating dashboards
- Knowledge, practical skills and experience with security monitoring tools/systems
- Experience with building, configuring, and managing SIEM and related tools
- Experience with container environments, virtualisation and message brokers
- Experience with various APIs and scripting (Bash, Shell, Powershell, Python, Ruby)
- Basic knowledge of ethical hacking methods and penetration testing
- Experience with security automation tools (SOAR), automation systems (IaC) and understanding CI/CD is a plus
What you get in return:
- You will join the company that cares about work and life balance
- Annual Bonus based on the performance review cycle
- Generous Annual Leave Policy
- Medical Insurance and Pension fund, with additional benefit packages based on the location
- Hybrid working model with full flexibility
- Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.