Senior Detection/Automation Engineer - Security DC (f/m/d) @ A1 Competence Delivery Center

Skopje, Ploshtad Presveta Bogorodica 1, HQ, North Macedonia


What you do

Design and implement advanced detection use cases and correlation rules in Splunk based on evolving threat landscapes and customer requirements;
Engineer, maintain, and optimize Splunk and SOAR platforms for performance, scalability, and security;
Develop and maintain automated workflows to streamline incident triage, response, and remediation processes;
Collaborate with SOC analysts to fine-tune alerts, reduce false positives, and improve detection fidelity;
Integrate various data sources and security tools into SIEM and SOAR platforms to provide enriched context for threat analysis;
Lead or support the development of playbooks and runbooks for common incident types;
Work closely with threat intelligence, response, and threat hunting teams to operationalize intelligence and improve response time;
Participate in regular reviews of SOC processes, identifying opportunities for automation and enhancement;
Provide expertise in troubleshooting, log onboarding, and rule tuning for supported security platforms;
Contribute to continuous improvement of the SOC's detection and response capabilities through innovation, research, and tool development.

What you offer
BSc or MSc in Information Security, Computer Science, or Engineering;
Advanced experience in programming with Python or similar programming languages;
Advanced knowledge of Splunk;
Advanced knowledge of security-specific frameworks (e.g. MITRE);
Knowledge of state-of-the-art IT cybersecurity architectures, hardware, and software implementations for large organizations, in on-premises and/or cloud-based environments;
Interest in identifying cybersecurity gaps in IT network and system designs or implementations, and in recommending mitigation strategies to address the identified gaps;
Strong analytical and problem-solving skills, with the capability to identify solutions to unusual and complex problems;
Experience with various forensics and security tools, as well as with the evaluation of log files for the analysis of attacker behavior, is a plus;
Relevant security certifications are a plus;
Knowledge of cloud services (technical and functional), especially Microsoft 365 and Microsoft Azure and their security modules, is a plus.

Tags: Automation Azure Cloud Computer Science Forensics Log files Python SIEM SOAR SOC Splunk Threat intelligence

Region: Europe
Country: North Macedonia
