The Corporate Security team focuses on the continuous improvement and development of Information Security systems. The team is geographically distributed and is part of the Information Security group of the Global IT department.
What will your responsibilities be?
- Administration activities on 20+ servers (ELK on Linux, Windows event collectors, Logstash, Kibana)
- SIEM rule creation (ELK) connected with Bash/PowerShell/Python/Ruby/VBScript, LDAP
- Connection of new event sources to ELK (API, Windows event log forwarding, syslog, clouds)
- Participation in other activities, such as:
  - corporate anti-virus solutions
  - supporting the information security incident and vulnerability management processes
  - participating in incident investigation, vulnerability elimination and the development of protective measures
  - working with system administrators, when required, to harden on-prem and SaaS solutions
  - maintaining corporate information security policies and the security awareness program
What are we looking for?
- At least 1 year of experience with the ELK stack
- Knowledge of various operating systems at the administrator level
- Knowledge of scripting languages such as Bash/PowerShell/Python/Ruby/VBScript
- Understanding of query languages (LDAP, SQL)
- Understanding of threats and vulnerabilities, and methods of their elimination
What skills are nice to have?
- At least 2 years of experience in Information Security
- Experience with systems and tools designed to detect and prevent threats (SIEM, FW, WAF, IDS/IPS, Network scanners)
- Experience with virtualization and containerization
- Understanding of network architecture and network protocols
- Written English at the Intermediate level
What additional skills will help you stand out?
- Higher technical education
- Information security training skills
- Knowledge of risk analysis methods
- Experience with vulnerability search tools and methods