SOC Engineer

Warsaw, Masovian Voivodeship  ‐ Hybrid


Splunk Cloud Computing Research Amazon Web Services Customer Relationship Management Computer Networks Databases Linux Incident Response Forensics Tools (Digital Forensics Software) Security Engineering Infrastructure Management Requirements Analysis Security Managing Situation Analysis Root Cause Analysis Firewalls (Computer Science) Cybercrime Safety Principles



* Analyzing network traffic to identify malicious activity or compromised systems, prevent successful attacks
* Ability to collaborate within the team as well as security engineering and detection engineering teams to improve and build new tailored security detections
* Properly analyze alerts and being able to decipher between and investigation and an incident
* Keep up-to-date on modern attack techniques to continually integrate knowledge into new detections
* Contribute to playbooks, and use cases to protect our cloud
* Building relationships with the other technical teams across our engineering and infrastructure functions
* Perform root cause analysis on incidents
* Maintains situational awareness for cyber threats across the global firm and take action where necessary.
* Work through incident response engagements through containing security incidents, and remediation
* Works mostly independently, translating guidance and direction from management into the best approach to accomplish work.
* Solves moderately complex problems
* Investigate data breaches and malicious activity leveraging forensics tools; analyze Windows, and Linux, in cloud environments to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
* Track emerging security practices and contribute to building internal processes, and our various products.
* Be able to respond to incidents with minimal guidance
* Have a detailed understanding of splunk and AWS
* Good to advanced understanding of Splunk, alert creations and creating signatures
* Experience using Splunk, developing, maintaining, and tuning alerts
* Experience with cloud environments or technologies
* Proven knowledge and understanding of security incident types, indicators of compromise (IOCs), Indicators of Attack (IOA), and tools, tactics, and procedures (TTPs)
* Experience responding to incidents and alerts
Start date
100% (5 days per week)
6 months
(extension possible)
Published at
Contact person:
Kasturi Sinha
Project ID:
Contract type
60 % remote
To apply to this project you must log in.