EPAM Systems

SOC Analyst

1 month agoKharkiv, Ukraine

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

DESCRIPTION
As a SOC Analyst, you will live on the front lines of the products we create, and build features used by millions of people every day.
Responsibilities

  • Monitor on-prem and cloud infrastructure for attacks, intrusions, and unusual, unauthorized, or illegal activity
  • Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
  • Create SIEM and SOAR detection and remediation scenarios, implement them as detection and response rules. Create, test, and update playbooks
  • Perform threat hunting and support threat intelligence processes
  • Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
Requirements
  • Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tool, Anti-malware, and packet inspection
  • Basic understanding of Windows, Linux, DB, and network device monitoring and logging technics
  • Basic understanding of host and network security hardening, networking protocols, common intrusion techniques, and common risk management concepts
  • Basic knowledge of malware detection, intrusion detection, and prevention systems
  • Experience with 1 or more SIEM solutions (Splunk, QRadar, ArcSight, LogRhythm, ELK, Wazuh, Apache Metron, OSSIM, etc.)
  • Experience with 1 or more SIRP/SOAR tools (TheHive, Cortex, Phantom, Demisto, Resilient, etc.)
  • Experience with network security will be a plus
  • Experience with Firewalls (F5, Juniper, Check Point, Palo Alto, Cisco) will be a plus
We offer
  • Competitive compensation depending on experience and skills
  • Individual career path
  • Unlimited access to LinkedIn learning solutions
  • Social package - medical insurance, sports
  • Compensation for sick lists and regular vacations
  • English classes with native speakers (certified English teachers)
  • Flexible work hours
Apply