Insider.

Senior Security Engineer – Blue Team

Full-time

Location Type: Remote

Location: Remote • 🇹🇷 Turkey


Job Level

Senior

Tech Stack

AWS, Cyber Security, Python, Splunk, Unix

About the role

  • Management and Maintenance of SIEM Tools: Configuring, monitoring, and enhancing SIEM functionality.
  • Rule Creation and Optimization: Developing rules, reports, dashboards, and use cases to detect threats and attacks.
  • Threat Analysis: Analyzing threats using logs, IPS/IDS, cyber intelligence reports, and other data sources.
  • MITRE ATT&CK Framework Integration: Reviewing existing rules and developing new attack detection scenarios.
  • Incident Response: Taking an active role in detecting, analyzing, and mitigating security incidents.
  • False Positive Reduction: Working with CDC Engineers to optimize detection logic and minimize false positives.
  • Log Management: Onboarding and troubleshooting logs from various security products and company-wide log sources.
  • Security Metrics & Reporting: Defining and monitoring key security metrics, creating dashboards and reports.
  • Database and EDR Tool Management: Maintaining, optimizing, and enhancing security configurations.
  • Cyber Intelligence & Threat Hunting: Staying updated with the latest cyber threats and integrating threat intelligence into security operations.
  • Tabletop Exercises: Actively participating in security drills and following up on action items.

Requirements

  • Bachelor's degree in Computer Engineering, Electronics Engineering, or equivalent.
  • Minimum 4 years of experience in IT Security Architecture & Services.
  • Strong knowledge and hands-on experience with security technologies such as WAFs, SIEM, SOAR, EDR, ETP, Vulnerability Scanning Tools, and Deception Technologies.
  • Hands-on experience in one of the SOAR tools (e.g., XSOAR, Resilient) is preferred.
  • Strong understanding of network security devices (e.g., Firewall, IPS/IDS).
  • Knowledge of Syslog, HTTP, and Database log formats.
  • Experience with Unix and Windows operating systems.
  • Deep understanding of the attack lifecycle and its stages.
  • Proficiency in Python or another scripting language.
  • Holding, or willing to obtain, the AWS Certified Security – Specialty certification.
  • Preferably holding industry-recognized certificates (e.g., CEH, AWS Sec).
  • Splunk Core Certified Power User is a plus.
  • Strong analytical, critical thinking, and problem-solving skills.
  • Ability to communicate technical details effectively to various stakeholders.
  • A proactive, curious mindset with a keen interest in researching emerging cybersecurity threats and trends.

Benefits

  • “Tech Talks” with famous and groundbreaking people from the software world, “Dev Talks” where our Software Developers talk about their career steps, and many events where groundbreaking ideas are discussed,
  • Internal hackathons that push the boundaries, programming challenges, and coding competitions,
  • Free access to exclusive services such as Laracasts, Egghead, LinkedIn Learning, Blinkist, Masterclass, and Spotify,
  • Inclusive private health insurance,
  • Smart Work Model side benefits to support food and bill expenses,
  • The infamous Team Activities that are bursting with fun,
  • No dress code! This is a fast and innovative startup; you can wear whatever you want.
  • Remote work! Work anywhere you'd like in Turkey.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills: SIEM, SOAR, EDR, WAF, Vulnerability Scanning Tools, Deception Technologies, Python, Unix, Windows, Syslog

Soft skills: analytical skills, critical thinking, problem-solving, communication, proactive mindset, curiosity, research skills

Certifications: AWS Security Specialist Certificate, CEH, AWS Sec, Splunk Core Certified Power User