Ad code: KP8724383712


Sotoon Group
In Tehran
On the Iran Estekhdam website (3 weeks ago)
Remote work
Job information:
Remote / work-from-home option: yes
Employment type: full-time
Required education: degree level not specified
Working hours: full-time
Full job description:
The SOC Analyst will support the deployment, configuration, and monitoring of the SIEM (Security Information and Event Management) solution for our Linux/Kubernetes infrastructure. This role involves working closely with the SOC Team Lead to ensure effective threat detection, incident response, and compliance alignment. The ideal candidate has hands-on experience with SIEM tools, Kubernetes logging, and Linux security.
Key Responsibilities
SIEM Deployment Support
Assist in deploying Wazuh + Falco + ELK Stack or Splunk Enterprise across Kubernetes clusters and Linux servers.
Configure log pipelines, agents (DaemonSets), and forwarders for data collection.
Rule Configuration & Tuning
Define and fine-tune detection rules (e.g., Falco for container runtime threats, Wazuh for host-level anomalies).
Reduce false positives and ensure actionable alerts.
Threat Monitoring
Monitor SIEM alerts in real time and escalate incidents to the SOC Team Lead.
Conduct initial analysis of security events and provide remediation recommendations.
Dashboards & Reporting
Build and maintain ELK or Splunk dashboards for threat visibility.
Generate reports for compliance (e.g., GDPR, PCI DSS) and operational metrics.
Incident Response Support
Assist in investigating security incidents detected via the SIEM.
Document incident details and contribute to post-incident reviews.
Tool Maintenance
Perform routine maintenance of SIEM tools, including updates and patches.
Monitor system performance and troubleshoot issues as needed.
Collaboration
Work with the DevOps team for agent deployment and infrastructure management.
Support the Compliance Specialist in aligning SIEM rules with regulatory requirements.
Requirements
Technical Expertise
Hands-on experience with SIEM tools (Wazuh, Falco, ELK, Splunk) and threat detection.
Strong knowledge of Linux security, Kubernetes, and container runtimes (Docker, containerd).
Log Management
Proficiency in log collection, parsing, and aggregation (e.g., Fluentd, Filebeat, Logstash).
Experience with Kubernetes logging architectures.
Problem-Solving
Ability to troubleshoot SIEM-related issues and optimize detection rules.
Communication
Strong written and verbal communication skills for incident reporting and team collaboration.
Benefits
Supplementary health insurance for you and your family (supports most treatments, including psychotherapy).
Competitive salary with regular promotion opportunities.
Reimbursement for educational courses, internet, and even self-development programs (such as art classes or learning a new language).
Flexible working hours, including remote work opportunity.
An exciting work environment with talented colleagues, cultural diversity, and openness to new ideas.
We provide everything you need to work comfortably, such as laptops, equipment for remote work, etc.
Various on-site meals and snacks.

Sunday, 22 Ordibehesht 1404, 10:46