- Lviv, Ukraine
Striving for excellence is in our DNA. Since 1993, we have been helping the world's leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.
EPAM is committed to providing our global team of 36,700+ EPAMers with inspiring careers from day one. EPAMers lead with passion and honesty and think creatively. Our people are the source of our success and we value collaboration, try to always understand our customers' business, and strive for the highest standards of excellence. In today's new market conditions, we continue to support operations for hundreds of clients around the world remotely, with the vast majority of our teams working from home. No matter where you are located, you'll join a dedicated, diverse community that will help you discover your fullest potential.
DESCRIPTION
We are looking for talented Tier 1-2 SecOps Engineers / Security Analysts for a Customer Security Operation Center.
Our Customer is an American video games development company.
- Work in a 24/7 environment with rotation-based shifts, including weekends
- Monitor on-prem and AWS infrastructure for attacks, intrusions and unusual, unauthorized or illegal activity
- Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
- Create SIEM and SOAR detection and remediation scenarios, implement them as rules. Create, test and update playbooks
- Perform threat hunting and support threat intelligence processes
- Along with security monitoring, perform other security operation activities
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
- Experience in Cyber/Information/Network/Cloud Security in enterprise environments, with basic scale knowledge of threat analysis of event data from commercial and open source infrastructure technology platforms
- Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tools, anti-malware and packet inspection
- Basic understanding of Windows, Linux, DB and network device monitoring and logging techniques
- Basic knowledge of malware detection, intrusion detection and prevention systems
- Experience with 1 or more SIEM solutions (Splunk, QRadar, ArcSight, LogRhythm, ELK, Wazuh, Apache Metron, OSSEC etc.)
- Experience with 1 or more SIRP/SOAR tools (TheHive, Cortex, Phantom, Demisto, Resilient etc.)
- Experience with Firewalls (F5, Juniper, Check Point, Palo Alto, Cisco)
- Competitive compensation depending on experience and skills
- Individual career path in engineering
- Social package - medical insurance, sports
- Sick leave and regular vacation
- Unlimited access to LinkedIn learning solutions
- English classes with certified English teachers
- Flexible work schedule