other

SOC Analyst (L2, L3)

20 декабря 2024

З/П не указана

Город: Санкт-Петербург

Quadcode

Тип занятости: Удаленная работа

Требуемый опыт: Опыт от 1 года

Обязанности:

About team We are Quadcode, a fintech company excelling in financial brokerage activities and delivering advanced financial products to our global clientele. Our flagship product, an internal trading platform, is offered as a Software-as-a-Service (SaaS) solution to other brokers. Now we are looking for a SOC Analyst for the Security Operations Center Team. The team works with various Infrastructure teams (Admins, NOC, OPS, Compliance) to identify and mitigate security issues, vulnerabilities, and misconfigurations by applying their in-depth security knowledge of operating systems, infrastructure, cloud providers, etc. Also, they work very closely with the Security Operation Center and help them with the incident response process. Now the team has 2 SOC Analysts, 3 SOC Engineers, and a Team Leader. Working with Agile, Scrum (1–2-week sprints, grooming, planning, retrospective), and SAFe framework. Furthermore, we are using Google meet, Slack, TargetProcess, Wiki, Confluence for teamwork. Daily scrum standups conduct at 12:45 UTC+2 (Cyprus time zone), engaging in peer code reviews. As the other members of the team, you will be responsible for events monitoring and incidence management process improvement. We are ready to take you opportunity to work with modern technological stack in IT industry and grow up inside the Company. For example, working with cloud and hybrid infrastructure using tools and techniques at the cutting edge. TECH STACK SIEM: Splunk; Scripting: Python, Bash; Programming: Python; IaC: Ansible, Terraform OS: Linux, Windows, MacOS; Clouds: AWS, Openstack, K8S; CI/CD: Docker, Gitlab, Helm; Tests: Molecule, Vagrant. Tasks in the role Events correlation rules development; Incidents response playbooks development and their automation; Security events analysis and monitoring; Partaking and/or leading the incident response processes; Search, analysis and coordination of vulnerabilities elimination; Detection rules operational checks via attacks emulation; Security tools research and development; Conducting periodic exercises to respond to security incidents; Connection of the new log sources and processes to SIEM and SOC tools; Define requirements for the secure configuration of the operating systems, networks and services in terms of processing of the information security incidents. Requirements: Specialized experience in SOC as an analyst for at least 2 years; Automation skills (Python); Experience in investigating incidents as an L2 analyst, including those affecting remote employees; Experience in collecting and processing indicators of compromise from various systems; Experience in writing correlation rules; Experience in testing correlation searches via attack emulation; Knowledge of security mechanisms of modern operating systems; Knowledge of how network attacks, attacks on infrastructure, attacks on web applications occur; Experience in operating SIEM systems (Splunk as a plus); Deep knowledge of the threats of modern IT technologies; Knowledge and experience with Mitre ATT&CK. Nice to have: Experience in vulnerability analysis; Experience in Fintech industry; General broad outlook in the field of IT security; Experience in composing regular expressions; Experience with vulnerabilities in systems and applications; Knowledge of SQL and experience with relational databases; Experience with EDR; Experience in analyzing network traffic. We offer Full-time remote work as a Service Provider in the following countries: Russia, Bulgaria, Georgia, Belarus, Hungary, Romania, Latvia, Lithuania, Moldova, Azerbaijan, Armenia, Kyrgyzstan, Greece, Croatia, Montenegro, Serbia, or Estonia (a residence permit is a must) Competitive remuneration; Professional courses: from Coursera to Harvard; Friendly, enjoyable and positive environment. Currently, over 700 employees and service providers are stationed across our seven global offices located in the UK, Gibraltar, the UAE, the Bahamas, Australia, and the headquarters in Cyprus. By broadening its international presence, Quadcode not only offers a remote or hybrid work model but also presents a myriad of intriguing tasks and challenges for professionals like developers, market research analysts, and PR marketing specialists, among others. Join us today, and let's shape the future of fintech together! Note: All applications will be treated with strict confidence. We thank all applicants for their interest, however only those candidates selected for interviews will be contacted.

Имя не указано

Откликнуться
Разместить Резюме
Пожаловаться ID: 125634361

Похожие вакансии

Аналитик SOC L2

Договорная

Санкт-Петербург

Яндекс

Аналитик SOC L3 (партнерский найм)

Договорная

Санкт-Петербург

Positive Technologies

Инженер технической поддержки (L2/L3, файловые системы)

Договорная

Санкт-Петербург

Paragon Software

Аналитик по управлению инцидентами ИБ (SOC L3)

Договорная

Санкт-Петербург

Совкомбанк Технологии

Аналитик SOC

От 90 000 руб.

Санкт-Петербург

Датаджайл

Руководитель SOC

Договорная

Санкт-Петербург

Оператор Газпром ИД