We are looking for a dedicated Senior/Lead Security Engineer with a focus on Security Information and Event Management (SIEM) to join our team.
The ideal candidate will provide strategic and operational leadership support for our group's SIEM infrastructure. As an integral part of the Security Operations Team, this role involves collaborating with the manager to conduct analysis, identify improvements in our security posture, and generate insightful metrics.

RESPONSIBILITIES

• Take ownership and ensure the optimal operation of the SIEM infrastructure
• Oversee SIEM filters, rules, expressions, and various threat identification mechanisms
• Implement new log sources and develop effective security alerts for the Security Operations Center (SOC)
• Generate weekly reports that outline recurring and potential security threats
• Lead operational management of the Security Orchestration, Automation, and Response (SOAR) infrastructure
• Design and develop solutions to neutralize and forestall adversaries
• Identify emerging threats and perform comprehensive investigations on SIEM-generated incidents/alerts
• Collaborate on purple team exercises focused on internal and external infrastructures such as Active Directory (AD), web applications, cloud solutions, and networks

REQUIREMENTS

• Minimum 1 year in SIEM administration with demonstrable experience in Arc Sight
• Background in managing SOAR infrastructure and automation playbooks
• Experience in L2-L3 SOC analysis
• Competency in identifying threats and performing security investigations
• Experience in Purple Team exercises
• Knowledge of attack vectors and vulnerability management systems
• Qualifications in PNPT and/or OSCP desired
• Fluent English communication skills at a B2+ level

NICE TO HAVE

• 3+ years of SIEM administration experience with other tools
• Other industry certifications
• Demonstrated experience in content creation for security measures

WE OFFER

• Work on a flexible schedule remotely or from any of our comfortable offices or coworking spaces in Ukraine
• Receive the necessary equipment to perform your work tasks
• Change projects and technology stacks within EPAM
• Gain experience in various business domains (Insurance, E-commerce, Healthcare, Finance, Travelling, Media, Artificial Intelligence, and more)
• Consider relocation options in over 30 countries worldwide
• Participate in volunteer, charity programs and communities (both technical and interest-based)
• You can plan your individual career path together with your manager
• Receive regular feedback from colleagues
• Improve your English for free with certified teachers (Speaking Clubs, client interview preparation courses, etc.)
• Get the opportunity to undergo free training and certification in AWS, GCP, or Azure Clouds
• Use the internal E-learn training program (18,200+ specialized training and mentoring programs)
• Access corporate accounts on Linked In Learning, Get Abstract and other partner resources
• Study at EPAM Solution Architecture School with the instructors who are practicing architects
• Develop as a leader, join Delivery Management, Resource Management, Leadership Essentials school and more
• Participate in internal communities (500+ meetups, technical discussions, brainstorming sessions, online events and conferences annually)
• Vacation and sick leave (including a sick leave without a medical certificate)
• A wide range of Voluntary Medical Insurance programs providing both medical treatment and various preventive options (including sports activities)
• Medical insurance for family members at corporate rates
• Company support during significant life events (childbirth or adoption, marriage, etc.)
• Support for psychological comfort: discounts on services from mental health specialists or coaches, thematic training
• E-kids program - a free programming language training program for EPAMers' children