Security Engineer (Cyber Defence)
Tasks
- Automate triage, enrichment, containment, and notifications
- Build and maintain SOAR playbooks
- Collaborate with MSSP to review and improve detections
- Conduct purple team exercises and translate findings
- Create incident timelines and indicators of compromise
- Design detection rules and analytics
- Drive containment and eradication during incidents
- Integrate detection and response tooling with core systems
- Investigate escalated alerts and determine root cause
- Onboard and parse new log sources
- Run detection and response exercises with MSSP
- Run threat hunts using hypotheses
- Tune detections for coverage and performance
- Validate detection coverage with breach and attack simulation
- Write detections as code with version control
Skills/Tech-stack
AWS CloudTrail | AWS GuardDuty | Access Management | Active Directory | Amazon EKS | Attack Simulation | Automation | Breach and Attack Simulation | Chronicle | Cortex XDR | Cyber Security | Detection engineering | Diamond Model | Elastic Stack | Entra ID | Flow Logs | Identity and Access Management | Identity and access | Incident Response | JSON | Microsoft Sentinel | MITRE ATT&CK | Palo Alto | Palo Alto Cortex | Palo Alto Cortex XDR | Palo Alto XSIAM | Purple Teaming | Python | SIEM | SOAR | SOAR playbooks | Splunk | Threat hunting | VPC Flow Logs | VPC flow | XDR | XQL
Education
N/A
Roles
Cyber Security | Cyber Security Engineer | Engineer | Security | Security Engineer