- Works with other members of the SOC and provides support on engineering-related topics, e.g. use-case development, maintenance, log parsing
- Possesses high-quality knowledge of IT security tools, e.g. SIEM, SOAR, EDR
- Delivers complex changes to solutions that are part of the requested solution
- Optimizes existing security solutions within his/her assigned task group
- Diagnoses complex issues
- Provides colleagues with professional guidance and approves execution plans prepared by SOC colleagues
- Performs lab testing of emerging cyber security technologies
- Develops technical documentation and operation manuals
- Works as a project resource, supports planning and execution of projects
- Experience performing systems administration of Splunk, including installation, configuration, monitoring of system performance and availability, upgrades and troubleshooting
- Experience working in a Palo Alto clustered environment
- Deployment, configuration and maintenance on all Windows and Linux platforms
- Onboarding of new data sources
- Analyse the data for anomalies
- Build new dashboards or enhance existing dashboards
- Create alerts and trigger actions (send email, run script)
- Utilize expertise in XSIAM, XSOAR and XDR.
- Design and implement threat detection, automate incident response processes, and integrate various security tools with SIEM and SOAR platforms via APIs.
- Requires proficiency within a Windows and Linux environment.
- Familiarity with network topology, UDP, TCP, proxies, firewalls, routers and switches.
- Scripting experience (Python, etc.)
- Knowledge of and experience with Git
- Troubleshoots and debugs issues that arise.
- Reliable English communication skills (both written and verbal)
PREFERRED QUALIFICATIONS
- Palo Alto certification (e.g. Palo Alto Networks Certified Detection and Remediation Analyst, Palo Alto Networks Certified Security Automation Engineer, etc.).
- Experience with SIEM (Security Information and Event Management) systems.
Advantages
- 5+ years of proven history with risk and vulnerability management
- Experience and/or certification in more than 2 of the above-mentioned technical areas
- German language
What our team offers to you:
- Supportive colleagues locally and internationally
- Various insights into the different areas of cyber security and supporting fields
- Knowledge expansion through training and professional certifications
* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.