Senior Security Operations Center Engineer / Detection & Automation (f/m/d) @ A1 Competence Delivery Center

Пълно описание

Strength. Care. Growth

A1 Competence Delivery Center is a vital component of A1’s telecommunications business. Acting as an expertise hub, CDC is dedicated to delivering a full range of high-quality IT, network, financial and other services to support A1’s operations across all OpCos, independent of location.

Using the power of being OneGroup and leveraging synergies, CDC enables transparency of resources, key skills and knowledge expansion and personal career growth opportunities’ enhancement, paired with job stability.

We are expanding the Cyber trust team of the A1 Competence Delivery Center. Be a part of this exciting journey!

Aleksandar Mirkovic is looking for a new team member.

As Senior Detection/Automation Engineer you are responsible for developing, testing, and improving attack detection use cases on basis of the existing SIEM-System.

Role insights:

• Design and implement advanced detection use cases and correlation rules in Splunk based on evolving threat landscapes and customer requirements;
• Engineer, maintain, and optimize Splunk and SOAR platforms for performance, scalability, and security;
• Develop and maintain automated workflows to streamline incident triage, response, and remediation processes;
• Collaborate with SOC analysts to fine-tune alerts, reduce false positives, and improve detection fidelity;
• Integrate various data sources and security tools into SIEM and SOAR platforms to provide enriched context for threat analysis;
• Lead or support the development of playbooks and runbooks for common incident types;
• Work closely with threat intelligence, response, and threat hunting teams to operationalize intelligence and improve response time;
• Participate in regular reviews of SOC processes, identifying opportunities for automation and enhancement;
• Provide expertise in troubleshooting, log onboarding, and rule tuning for supported security platforms;
• Contribute to continuous improvement of the SOC's detection and response capabilities through innovation, research, and tool development.

What makes you unique:

• BSc or MSc in Information Security, Computer Science, Engineering;
• Advanced experience in programming with Python or similar program languages;
• Advanced knowledge of Splunk;
• Advanced knowledge of security specific frameworks (e.g. Mitre);
• Knowledge in state-of-the-art IT cybersecurity architectures, hardware, and software implementations for large organizations using either enterprise based and/or cloud-based environments;
• Interest in identifying cybersecurity gaps in IT network and systems designs or implementations, and in recommending mitigation strategies to address the identified gaps;
• Strong analytical and problem-solving skills with the capability to identify solutions to unusual and complex problems;
• Experience with various forensics and security tools as well as with the evaluation of log files for the analysis of attacker behavior is a plus;
• Relevant security certifications are a plus;
• Knowledge on cloud services (technically and functionally) especially M365 and MS Azure & -Security Modules is a plus;

If you have any questions,  please do not hesitate to contact Yana Mladenova.

Job code: AIT070P311

Job classification: 11 - (Global Level)

Виж повече