Siem Engineer

7 giorni fa


EmiliaRomagna, Italia Buscojobs A tempo pieno

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team.


As a Security Operations | SIEM Engineer, you will be responsible for Detection & Response infrastructure, Threat Intelligence, SIEM Integrations, establishing new rules and implementing tools for security monitoring at the infrastructure level.

Responsibilities:

  • Develop, manage and maintain a SIEM system and related tools for security event monitoring, alerting and incident analysis
  • Configure and optimise the process of data collection, correlation, and analysis from various sources (systems, applications, networks)
  • Develop and implement rules to detect potential threats and anomalies
  • Participate in responding (escalation) to information security incidents, investigate threats, and prepare recommendations
  • Participate in the configuration of SIEM integration with various security systems (EDR, Firewall, IDS/IPS, etc)
  • Continuously improve monitoring and analytical processes based on best practices in information security
  • Ensure compliance with internal security policies and regulatory requirements (PCI DSS, ISO 27001, GDPR, etc.)
  • Develop and maintain internal documentation (document procedures, best practices and go-forward solutions to ensure effective knowledge sharing and improvement of existing tools and processes)

General Requirements:

  • 3+ years proven experience in the field of information security and defensive security-related roles
  • Knowledge of/experience with international information security standards, methodologies and frameworks: ISO 27001, PCI DSS, GDPR, NIST, MITRE, CIS Controls/Benchmarks, etc.
  • A Bachelor’s degree is strongly preferred, specifically in Information Security, Information Technology, Computer Science or a related field
  • Relevant information security certifications are a plus

Skill Requirements:

  • Strong knowledge of information security: fundamental concepts, architectures, tools, processes and operations (monitoring, IR, TI, TH, etc), information security threats and vulnerabilities, and countermeasures and associated operational best practices
  • Hands-on experience with network (firewalls and IDS/IPS systems) and endpoint security (Operation systems and EDR/EPP), security alert triage, event logs, writing correlation rules, and creating dashboards
  • Knowledge, practical skills and experience with security monitoring tools/systems
  • Experience with building, configuring, and managing SIEM and related tools
  • Experience with container environments, virtualisation and message brokers
  • Experience with various APIs and scripting (Bash, Shell, Powershell, Python, Ruby)
  • Basic knowledge of ethical hacking methods and penetration testing
  • Experience with security automation tools (SOAR), automation systems (IaC) and understanding CI/CD is a plus

What you get in return:

  • You will join the company that cares about work and life balance
  • Annual Bonus based on the performance review cycle
  • Generous Annual Leave Policy
  • Medical Insurance and Pension fund, with additional benefit packages based on the location
  • Hybrid working model with full flexibility
  • Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.
#J-18808-Ljbffr