Senior Security DevΟps Engineer

The Senior Security DevOps Engineer works as a member of our Security, R&D and Operations teams and is responsible for the conceptualization, design, implementation & maintenance of innovative security & data analytics solutions, including the multi-tenant Obrela MDR infrastructure. Works as technical lead for special projects, allocating and mentoring the engineering team towards successful implementation.

The SecDevOps Engineer works closely with the 24x7x365 Security Operations team to understand both internal & client requirements and drive the implementation of new detection strategies based on the technologies, information and tactics applicable to the engagement. The position involves a great deal of scripting and use of interpreted languages, as well as the ability to translate red-team tactics into blue-team practices.

At least 4 years of experience in a technical information security position is required with a strong preference on candidates with hands-on data analytics and engineering background.

Responsibilities

• Design and execute SIEM/Data Analytics projects
• Divide and manage vertical technical goals and optimally allocate to the engineering team
• Design, Implement and Integrate security solutions & features in OBRELA centralized Managed Detection and Response platform
• Conceptualize blue-team practices and requirements, based on latest security research Collaboration with security analysts to ensure effective SOC monitoring implementation
• Evaluation of new security technologies, products and integration with our SIEM infrastructure through APIs or custom interfaces

Requirements

Required skills and expertise

• Experience implementing, maintaining, and supporting SIEM/Log Management platform
• Experience with a cloud platform, preferably Microsoft Azure
• Experience building and managing SIEM content for relevant security use cases
• Expert understanding of diverse log formats and source data for data analytics implementations (eg OS, Databases, Firewalls, Applications)
• Sound understanding of network, system and application intrusion techniques and patterns on IT infrastructure
• Linux and Windows security administration, focusing on security, re-usability and performance optimization
• Extensive knowledge of TCP/IP networks
• Strong scripting abilities (preferred bash and python)
• Experience with Azure Sentinel / Azure Monitor will be considered a strong plus
• Experience with Microfocus ArcSight will be considered a strong plus

Required soft skills

• Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms
• Ability to prioritize, organize and manage a complex workload, and to work well under deadlines and pressure
• Ability to respond appropriately to client queries and address effectively troubleshooting needs
• Able to work both as part of a team or under own initiative (without supervision)
• Good interpersonal and communication skills
• Flexibility to work abroad for short timeframes
• Must aspire to a culture of service excellence

Desired Educational Background

• MSc and security related certifications will be considered a strong plus

Benefits

• Dynamic and respectful environment – our people are the core of our business, we value each and every individual and support initiatives, promoting agility and work/life balance.
• Continuous coaching – work with passionate people and receive both theoretical as well as hands-on training
• Career development. Expand your career internationally and work alongside knowledgeable people from diverse cultures and backgrounds
• A competitive compensation package dependent upon your experience and qualifications. We’re focused on rewarding efforts. Our salaries and benefits package will keep you motivated throughout your career