5 days ago
Intermediate Security Engineer (SIEM)
Job description
TL;DR
Security Engineer (SIEM/Logging): Designing and operating centralized logging and SIEM platforms with an emphasis on telemetry pipelines and high-volume data routing. Focus on building SOAR workflows, developing detection content, and ensuring scalability for enterprise-grade security data.
Location: Zurich, Switzerland (Onsite)
Company
is a global wealth management firm focused on creating value beyond wealth.
What you will do
- Architect and operate centralized logging and SIEM platforms, ensuring high availability and scalability for enterprise-grade data volumes.
- Design and maintain telemetry pipelines for routing, enrichment, and multi-destination delivery using tools like Cribl Stream.
- Develop and operationalize SOAR workflows to automate incident response and improve security operations efficiency.
- Create service monitoring, detection content, reports, and dashboards to provide actionable security intelligence.
- Collaborate with infrastructure and application teams to integrate new data sources and ensure data quality.
- Provide 2nd and 3rd level engineering support, including participation in an on-call rotation.
Requirements
- Minimum 5 years of hands-on experience engineering and administering enterprise SIEM platforms.
- Strong experience designing and operating data pipelines and log routing infrastructure (e.g., Cribl Stream).
- Practical scripting and automation skills with Python, Bash/Shell, or JavaScript.
- Working experience with Git, SQL, REST APIs, and regular expressions.
- University degree in Computer Science, Information Security, or equivalent practical experience.
- English: B2/C1 proficiency required.
Nice to have
- Experience with configuration management tools such as Ansible.
Culture & Benefits
- Opportunity to work within a global team in a regulated financial services environment.
- Culture that values individual qualities, entrepreneurial spirit, and empowerment.
- Engagement with early-stage observability use cases and high-volume enterprise infrastructure.