SOC Engineer
Posted Jun 5
This is a fully remote position, open to applicants in Ukraine.
Responsibilities
• Analyze, classify, and investigate security alerts, incidents, and suspicious activities (L2/L3 analyst level).
• Develop and optimize correlation rules, threat detection scenarios, dashboards, alerts, and reports in SIEM.
• Integrate new log sources into SIEM, configure parsers, and normalize events.
• Enhance use cases and incident response playbooks.
• Collaborate with infrastructure and network teams.
• Prepare incident reports, technical conclusions, and recommendations.
• Participate in SIEM PoC/pilot projects, evaluate new tools, and contribute to the development of the SOC architecture.
Requirements
• Higher technical education or specialized courses in information security.
• 3+ years of experience in cybersecurity / SOC / Incident Response / Security Operations or related roles.
• Hands-on experience with SIEM platforms: Microsoft Sentinel, Splunk, QRadar, ArcSight, Wazuh, Elastic, Logsign, or similar tools.
• Experience in configuring correlation rules, notifications, and dashboards.
• Understanding of network protocols, Windows/Linux, Active Directory / Entra ID, cloud and on-premises infrastructure.
• Knowledge of modern attack methods and the MITRE ATT&CK framework.
• Ability to document investigations, incidents, and recommendations effectively.
Benefits
• Office or remote – the choice is yours. We provide the flexibility to work from anywhere, with support for setting up your workspace.
• Remote onboarding process.
• Performance bonuses for everyone (annual or quarterly, depending on the role).
• Employee training: we offer numerous internal resources and programs from partners, as well as our own library.
• Health and life insurance for employees.
• Wellbeing program and corporate psychologist.
• Compensation for mobile communication expenses with Kyivstar.