Security (Information & Communication Technology)
Full time
Job Overview
The Cybersecurity Engineer supports the operation and enhancement of cybersecurity systems within our Cyber Defense Center. As part of the Research and Development team, you will work closely with the Security Operations Center (SOC) and Threat Intelligence teams. Your tasks will focus on further developing and optimizing Cyber Defense Systems as well as advanced Threat Analysis and Hunting. This position combines technical expertise with collaboration to improve the organization's cybersecurity defenses.
Key Responsibilities
1. Further develop and optimize Cyber Defense Systems
Enhance and further develop SIEM and SOAR systems by optimizing functionality and implementing custom solutions to expand their capabilities.
Create and refine detection rules and response actions to improve detection quality and performance.
Create and improve use cases and response playbooks to enrich the incident response process.
2. Support Advanced Threat Analysis and Hunting
Conduct malware analysis, reverse engineering, and digital forensics to identify Indicators of Compromise (IoCs).
Stay informed about the latest cyber threats, vulnerabilities, and attacker Tactics, Techniques, and Procedures (TTPs).
3. Incident Handling and Collaboration
Assist in analyzing, handling, and resolving IT security incidents in collaboration with the SOC Operations Team, focusing on Tier 2-3 analysis.
Work closely with SOC and Threat Intelligence teams to enhance detection capabilities and implement effective countermeasures.
Qualifications
A Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related discipline, or equivalent professional experience.
3–5 years of proven experience in cybersecurity operations.
Proficiency in programming and scripting, preferably in Python; experience with GitHub or similar version control platforms is advantageous.
Understanding of networking fundamentals (e.g., TCP/IP, DNS, HTTP) and familiarity with log analysis tools.
Knowledge of SIEM and SOAR systems, with experience in detection rule refinement and playbook enhancement.
Strong analytical and problem-solving abilities, with a structured and detail-oriented approach to tasks.
Excellent communication and collaboration skills, with demonstrated ability to work effectively in global, cross-functional teams.
Fluency in English, both written and spoken, is essential for international collaboration and the ability to articulate complex technical concepts clearly.
Effective time management and adaptability in a dynamic, global environment.