We are a dynamically growing company specializing in developing high-load and fault-tolerant systems. Our team values professionalism, innovation, and a commitment to continuous growth.
Responsibilities:
* Lead the design, implementation, and integration of various cyber defense tools
* Conduct threat hunting over log sources connected to the SIEM and develop new coverage
* Monitor security alerts, perform triage and analysis, and respond to security incidents
* Identify security tools and implement solutions from POC to production (e.g., container security, cloud security, etc.)
* Develop SOAR to enhance monitoring, response, and observability for security alerts
* Manage infrastructure as code with Terraform
* Manage configuration as code with Ansible (AWX), Helm, and Jsonnet
* Work closely with Engineering and DevOps teams to define a security strategy and execute it
Requirements:
* Strong knowledge of AWS, Kubernetes, and containerized and microservice architectures
* Strong knowledge of Linux and of languages such as Shell/Bash, Python, or Go
* Strong knowledge of Terraform, Ansible, and Helm
* Experience with security solutions in cloud environments (e.g., DDoS protection, WAF, IDS/IPS, DB-FW, Kubernetes security, etc.)
* Knowledge of build/release systems and CI/CD pipelines
Nice to Have:
* Experience with Elastic XDR, including fine-tuning ILMs, onboarding custom log sources, and fine-tuning integrations
* Knowledge of Jsonnet and Grafana Tanka, with the ability to write and understand configurations described in Jsonnet
We offer:
* 30 days off per year (vacation and sick days)
* Medical insurance
* Free corporate English language courses
* Flexible schedule with full-time work, minimal bureaucracy, no micromanagement, and no time tracking
* A fantastic team of creative and interesting people