Security Monitoring Analyst

Náplň práce, právomoci a zodpovednosti:
We are seeking an enthusiastic Security Analyst to join our innovative Threat Defense R&D team as a Security Monitoring Analyst. In this role, you will actively contribute to the development of XDR platform.

This is a unique opportunity to work with state-of-the-art technologies in the ever-evolving field of computer security.

##Functional Responsibilities and Duties##
- Research and develop XDR detection rules, to defend against emerging threats and vulnerabilities.
- Research XDR features and provide feature specifications and guidance for developer teams.
- Monitor environments for potential threats, vulnerabilities, and suspicious activities.
- Analyze security logs, alerts, and events to identify and respond to security incidents.
- Conduct root cause analysis for identified incidents and recommend remediation strategies.
- Participate in security research and innovation to advance threat defense capabilities.
- Stay informed about the latest cyber threat intelligence and industry trends.
- Provide guidance and training to team members on cloud security best practices.
- Communicate complex security concepts to non-technical audiences effectively.
- Collaborate in designing and developing Managed Detection and Response and other security monitoring services.
- Perform conceptual, systemic, creative and methodological activities.
- Carry out other tasks according to the instructions of the direct manager in accordance with the activities of the department and the company.

##Requirements##
- Education in IT security field is an advantage.
- Experience with security research and detection engineering is desirable.
- Experience as a SOC security analyst, or an equivalent position (also outside the SOC) where the main full-time job was the operation and evaluation of outputs from the security monitoring systems for the purpose of identifying and reporting potential security threats is an advantage.
- Experience with development of Sigma or Yara rules and Kusto, EQL, Lucene query languages are an advantage.
- Experience with forensic analysis and incident response is an advantage.
- Experience with penetration testing or red teaming is an advantage
- Experience with at least one of the major cloud providers (Azure, AWS, GCP) is an advantage.
- Experience with big data technologies such as Elasticsearch, OpenSearch or Hadoop are an advantage.
- Experience with administration of Active Directory environments and Entra ID is an advantage.
- IT Security certificates or other technological certificates are advantage – Windows, Unix, Network Security
- Basic technical writing and report writing skills are an advantage
- Good knowledge of the Windows/Linux operating system, knowledge of system tools
- English - Upper intermediate (B2)