Security Operations Center (SOC) Team Lead (IRC95197)

GlobalLogic Ukraine is inviting a Security Operations Center (SOC) Team Lead to join its Kyiv office.

GlobalLogic, a large rapidly developing IT company, currently looking for a Security Operations Center (SOC) Team Lead to join the team in Kyiv, Ukraine.

You will play a critical role in our cybersecurity function to ensure enterprise data is secure and private. You will help provide monitoring for GlobalLogic by acting as the first line of defense against potentially malicious events. Escalate confirmed incidents to a variety of internal and external teams. Assist in developing use cases, onboarding, and driving log requirements to further detection capabilities. Help drive technical service improvements to meet strategic security goals. Work with internal and external teams within the security and the enterprise to drive cyber remediation efforts.

Requirements

• Strong knowledge of information security principles, techniques and technologies
• At least 5 years of professional experience with IT Security products and services
• Middle to Senior-level security analyst that has experience within a 24?7 environment with both cloud and enterprise experience
• Experience with the SIEM solutions (LogRhythm, Splunk, QRadar etc.)
• Experience with the vulnerability assessment process, tools (Nexpose, Nessus, Netsparker etc.)
• Experience with the AV and NGAV tools (Symantec, CrowdStrike, CarbonBlack etc. )
• Practical experience in Incident response
• Upper-intermediate English - communication skills (both speaking and writing)
• Ability to work in different time zones
• Good self-organization
• Experience with IDS/IPS solutions (Snort, Cisco IPS, NGIPS)
• IT Security Certifications like CEH, OSCP, etc.
• Experience with the application control tools

Responsibilities

• Managing security tools in the organization
• Managing team of SOC engineers
• Perform various security-related tasks according to standard operating procedures
• Actively detect and identify security weaknesses and determine the required remediation steps
• Provide hands-on technical expertise to assist with creating new methods for detection and triage
• Continuously check for the new threats and their mitigation plan
• Dealing with improvements and/or automation of existing tooling (look into evaluation and selection of new tools and supporting assets)
• Act as a first-line contact point for various security consultations

We offer:

• Interesting and challenging work in a large and dynamically developing company

• Exciting projects involving the newest technologies

• Professional development opportunities

• Excellent compensation and benefits package, performance bonus program

• Modern and comfortable office facilities