Description
Wallex is a leading crypto exchange company. We are seeking a highly skilled and motivated Senior SOC Engineer to join our SOC team. This is a hands-on, operational role that involves architecting, deploying, and managing our security detection and response capabilities, alongside monitoring, detecting, analyzing, and responding to security incidents and threats to protect our mission-critical services.
As part of a high-performance fintech environment, you will play a key role in enhancing our security posture, threat detection capabilities, and incident response readiness across physical, virtual, and cloud platforms. If you're passionate about cyber defense, threat hunting, security analytics, building robust security solutions, and solving real-world technical challenges, we’d love to hear from you.
Responsibilities
- Architect, deploy, manage, and optimize the security monitoring and detection infrastructure, including SIEM (Splunk, ELK Stack) environments with a focus on clustering, scalability, and high availability. This also includes IDS/IPS and Endpoint Detection and Response (EDR) tools.
- Perform advanced configuration and management of security tools, ensuring optimal performance, data ingestion pipelines, coverage, and alert efficacy. Develop custom parsers, complex correlation rules, dashboards, and reports within the SIEM.
- Lead the integration of diverse security data sources into the SIEM and other analytical platforms.
- Proactively hunt for threats and anomalies within the network, endpoint, and cloud data.
- Analyze security alerts, conduct in-depth investigations of potential security incidents, and manage the incident response lifecycle.
- Develop, maintain, and improve security incident response plans, playbooks, and procedures.
- Monitor and analyze logs from various sources (e.g., firewalls, servers, network devices, applications, cloud services) to identify malicious activity.
- Collaborate with IT, DevOps, Network, and Application teams on security incident resolution and vulnerability remediation, and to ensure infrastructure and application security.
- Support security hardening initiatives and ensure compliance with internal policies and external regulations.
- Undertake capacity planning and lifecycle management for core SOC technologies.
- Troubleshoot complex operational issues with SOC systems and coordinate with vendors or other teams for resolution.
- Document security incidents, investigation findings, system architectures, configurations, and procedures clearly and thoroughly.
- Evaluate, test, and implement new security technologies, including potential SOAR platforms, and contribute to the SOC roadmap and continuous improvement.
- Stay current with emerging threats, vulnerabilities, security engineering best practices, and new technologies.
Requirements
- Minimum 3-5 years of experience in a Security Operations Center (SOC), cybersecurity engineering, or incident response role.
- Strong hands-on experience architecting, deploying, and managing SIEM solutions (Splunk and/or ELK Stack), including experience with clustering, data ingestion pipelines, and developing advanced correlation rules and dashboards.
- Proficiency in deploying, configuring, managing, and tuning IDS/IPS solutions.
- Solid experience with Endpoint Detection and Response (EDR) tools, including their deployment and maintenance.
- Deep understanding of common attack vectors, cyber threat intelligence, and incident response methodologies (e.g., NIST).
- Good understanding of network protocols (TCP/IP, DNS, HTTP/S), network architecture, and security implications. Experience analyzing logs from firewalls, routers, and switches.
- Familiarity with operating system security (Windows, Linux), virtualization security concepts, and container security.
- Excellent analytical, problem-solving, and engineering troubleshooting skills.
- Strong documentation and communication capabilities, with the ability to articulate technical designs and issues to diverse audiences.
- High attention to detail, strong security awareness, and a proactive, engineering-oriented mindset.
- Ability to work effectively in a team and under pressure.
Nice to Have
- Experience with security automation tools (e.g., Ansible, Terraform) and scripting languages (Python, Bash) for automating SOC tasks and tool management.
- Experience with SOAR platforms.
- Experience with vulnerability assessment tools and processes.
- Understanding of advanced network security architecture (e.g., zero-trust, micro-segmentation).
- Experience with disaster recovery planning and business continuity from a security perspective.
- Exposure to Infrastructure as Code (IaC) principles and Git.