Security Engineer ( REF2749Z)

Company Description

The largest ICT employer in Hungary, Deutsche Telekom IT Solutions (formerly IT-Services Hungary, ITSH) is a subsidiary of the Deutsche Telekom Group. Established in 2006, the company provides a wide portfolio of IT and telecommunications services with more than 5000 employees. ITSH was awarded with the Best in Educational Cooperation prize by HIPA in 2019, acknowledged as one of the most attractive workplaces by PwC Hungary’s independent survey in 2021 and rewarded with the title of the Most Ethical Multinational Company in 2019. The company continuously develops its four sites in Budapest, Debrecen, Pécs and Szeged and is looking for skilled IT professionals to join its team.

Job Description

Within DT-Technik, we are looking for an ambitious and experienced colleague in the security area (T-SRC) for the Security Operations Center Technik (SOCT) squad. The Squad SOCT offers comprehensive services for the security of DT Technik's networks and systems.

• Security monitoring in SIEM (Security Information and Event Management), Elastic Endpoint Protection (EPP) and other sources.
• Monitor and investigate security events and incidents using established processes and procedures
• Categorizing and reporting incidents following established procedures
• Create and update incident logs, ensuring accurate and thorough documentation
• Prepare lessons learned reports to enhance incident response processes
• Maintaining and updating detection rulesets following established processes
• Development and operation of automatic end-to -end test chain for cyber attack detection rules (SIEM, IDS, EPP)
• Bug fixing and optimisation of the tested detection rules
• Development of missing detection rules

Qualifications

• IT Security experience
• Technical knowledge and experience with at least one well-known SIEM or security analytics solution
• Solid knowledge of Windows and Linux operation systems
• General knowledge of web security, network protocols, devices, services, and related technologies (TCP/IP, Firewall, IPS/IDS, web proxy)
• Understanding of host-based security tools such as anti-virus and EDR
• In-depth knowledge of cybersecurity principles, technologies and best practices
• Demonstrated understanding of threat landscapes, attack vectors, and vulnerabilities
• Experience in programming and/or scripting languages (Powershell, Python)
• Strong analytical and problem-solving skills, ability to analyze logs of various devices, solutions
• Reliable English communication skills (both written and verbal)

Additional Information

Advantages

• Previous SOC experience
• Microsoft Certified Windows Server Administrator (or equivalent Windows Certification)
• Vendor certificates (IBM, Microsoft, Splunk, CrowdStrike or equivalent)
• Any advanced security certificate (GSEC, OSCP/OSCE or equivalent)
• Basic presentation, project management, document management skills
• German communication skills

* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.