Join Logpoint, a trailblazer in revolutionizing Security Information and Event Management (SIEM) with it ... s Converged SIEM platform, providing a unified solution for today's Security Operations Centers (SOCs). By integrating SIEM, SOAR, UEBA, and EDR technologies, Logpoint streamlines complexity, simplifies tech stacks, and expedites threat detection and response. As a crucial member of Logpoint's core engineering team, this role presents an opportunity to contribute to cutting-edge developments by taking on the challenge of engineering a robust data platform. Being part of Logpoint's core engineering team means immersing yourself in a collaborative and innovative software development environment. Engage closely with Product and Project teams to ensure the delivery of high-quality software solutions. Dive into a map reduce-based framework, where data ingestion, normalization, and analytics take center stage. Our platform seamlessly collects, correlates, analyzes, and visualizes data from diverse sources. Your journey with us will involve addressing challenges inherent in our work, from overcoming bottlenecks in existing designs or code during data influx to tackling new edge cases that may disrupt service functionality. We value engineers who find fulfillment in crafting solutions to complex problems, moving beyond the routine translation of business requirements to plain Java code. If you thrive on proving yourself in challenging technical scenarios, we warmly invite you to be a part of the Logpoint core team, where innovation meets impactful cybersecurity solutions.
View Company ProfileSecurity Analytics Engineer (Mid/Senior Level)
Job summary
-
No. of Vacancy
: 2 -
Job Type
: Full Time -
Offered Salary
: Negotiable -
Gender
: Both -
Career Level
: Senior Level -
Experience
: 4 Years -
Apply Before
: 2022-01-11 Closed -
Skills
:Information SecurityAnalyticalCommunicationsDatabasesPython
Job Description:
The Job
For Security Analytics team, we are looking for Security Analytics Engineers with excellent analytical abilities. A big part of the job will be expanding the Logpoint solution to support an ever-growing number of formats, protocols, and external systems, meaning experience with industry standards and 3rd party integrations will be preferred. Candidates with expertise and experience in the security domain will be preferred.
We expect you to be flexible and a fast learner as our setup is continuously evolving. If you are excited about development and results, have an analytical approach to your work, are structured and know how to work as a part of team and independently as well, then this is an opportunity for you. We expect you to thrive in a busy working environment and like solving complex tasks.
Key Responsibilities
- Building defensive, highly-customized security playbooks using LogPoint SOAR platform.
- Research, analyze, and create contents based on wide variety of commodity and APT based malware and techniques.
- Interpret Threat intelligence’s IOCs and use them efficiently for alerting. Recognize patterns and inconsistencies that could indicate complex cyber-attacks.
- Build and maintain dashboards and other data visualizations of complex data sets and calculations.
- Translate analytical findings into security “use cases” that can be implemented within available surveillance capabilities.
- Write queries, perform data analysis/log correlation, and create data visualizations for different security devices.
- Create technical documentation around the content deployed to the SIEM.
- Write, review and organize technical content that will be published to the LogPoint blog, FAQs and Knowledge base for use by both internal and external customers.
Required Knowledge, Skills, and Abilities:
Professional Qualifications
- Experience in configuring, managing, and using one or more SIEM/SOAR/UEBA products, highly desired.
- SOC consulting experience, highly desired.
- Good knowledge of Python, regular expressions, and SQL queries.
- Good understanding of security infrastructure and related technologies (AD, proxies, firewalls, email filtering technologies, and network intrusion detection systems) .
- Excellent log analysis skills with an ability to apply them appropriately for alerting and reporting.
- Experience in cyber security intrusion detection/analysis/response and creating new rules and filters to support these actions.
- Experience in creating log correlations in a SIEM to identify anomalous, potentially malicious behavior.
- Understanding of MITRE ATT&CK and Kill chain.
- Experience working with REST and other third-party API integrations.
Personal Qualifications
- Good verbal, interpersonal and written communication skills.
- Strong analytical, problem-solving, and decision-making capabilities.
Education + Experience:
- Bachelor's Degree/Master's degree in Computer Science is preferred
Benefits:
- Attractive salary based on experience and qualifications.
- Social Security Fund (SSF).
- Working in a team environment where initiative and dedication are encouraged.
- An equal opportunity workplace that values diversity and does not discriminate.
- High level of responsibility and excellent career possibilities.
- Open international work environment.
- Festival expense allowance.
- Medical and accident insurance.
- Gymnasium/Fitness Membership.
Apply Instruction:
LogPoint is growing rapidly, we offer a challenging and exciting international work environment on the cutting edge of cybersecurity technology. We strive to deliver outstanding results in a positive, collaborative, and informal atmosphere with ample opportunity for personal growth and development.
Interested candidates fulfilling the mentioned criteria are encouraged to Apply using the Easy Apply Button below. Registered candidates may also apply using Apply Now Button.
If you have any questions about this position call 9802302081