Are you passionate about cybersecurity and ready to take a hands-on role in advanced security operations? As a Senior Security Operations Engineer, you'll play a pivotal role in operating and refining our Security Operations Center (SOC), with a specific focus on incident response, threat hunting, and penetration testing.
You will be part of our Security Operations team, responsible for monitoring, analyzing, and responding to security incidents across our infrastructure. This role goes beyond production security; it encompasses securing our internal systems and processes through continuous operations, incident handling, and proactive security assessments. We're looking for someone with both practical and theoretical knowledge in IT security, capable of not only enforcing policies but also continuously improving our security posture through incident analysis and pentesting feedback to meet evolving security challenges.
What you'll be doing
- Monitor, analyze, and escalate security alerts utilizing our SIEM solutions (Wazuh & Chronicle).
- Conduct penetration tests and vulnerability scans against our internal platforms.
- Drive the creation of effective SIEM dashboards and improve overall monitoring and alerting capabilities.
- Manage and mitigate CVEs (Common Vulnerabilities and Exposures) on our virtualized platforms and container base images.
- Assist in implementing security measures for both internal and external systems.
- Utilize static code scanning processes to identify and remediate vulnerabilities early in the development lifecycle.
- Enforce and evolve the configuration of our Security Command Center.
- Collaborate on automated security scanning initiatives for continuous monitoring of code and infrastructure security.
- Participate in the on-call security response rotation to address critical security incidents.
- Perform recurring reviews and contribute to the optimization of the review process.
- Assist with preparation and participation in security compliance audits.
- Help mentor junior team members.
Your Skills and Experience
Requirements
- Hands-on experience with SIEM solutions.
- Strong knowledge of CVE vulnerability mitigation on VMs
- Solid understanding of cloud security (GCP and/or AWS)
- Strong command of English (both written and spoken)
- Ability to collaborate effectively with cross-functional teams
- Experience with Linux systems (RedHat/CentOS)
- Know how to use Jira for project management
- Knowledge of container security (Docker)
- Experience in Pentesting
- Fluent in at least one scripting language (Appscript, Python, Bash)
Nice To Have
- Experience with OSSEC, Wazuh, Tenable.io, Burp Suite, Google SecOps or SCCE
- Familiarity with Opsgenie or Prometheus
- Experience with patch management solutions such as Satellite
- DevSecOps knowledge
- A keen focus on real-world security issues and the ability to differentiate between buzz and practical security
- Experience in payment compliance and EU regulations is a plus
Soft skills
- Excellent communication skills to work constructively and cooperatively with internal and external teams
- Be assertive, knowledgeable and trustworthy
- High degree of responsibility and autonomy
Why You'll Love Working Here
- Modern and professional European working environment
- Exceptional opportunity for traveling and training in Europe
- Highly competitive salary package (including 13th-month salary and competitive remuneration package)
- Comprehensive set of extra-legal benefits (e.g., generous private medical health insurance for employees & family members, 25 days of annual leave, annual bonus)
- Flexible work arrangements (flexible working hours, off on Saturday and Sunday, with options for remote work, hybrid: 3 office, 2 home)
- Social insurance, health insurance, and unemployment insurance will be under Labor Law.
- Dynamic, young & international environment
- Team building activities & outings
- Brand new & state-of-the-art Agile office
This is where innovation meets high-stakes security. As a core member of the Aurify team, you'll be engineering the future of digital defense by diving into high-impact projects and integrating state-of-the-art cloud and DevSecOps technologies. You will personally champion Zero Trust architectures and spearhead robust security compliance initiatives on a global scale.
Join us to master the complexities of the cloud landscape and deliver the gold standard in security excellence.