Security Operations Center Senior Security Engineer

**DESCRIPTION**:The Security Operations Center (SOC) team is currently seeking a highly skilled and experienced individual to join us as a Senior Security Engineer. In this role, you will play a crucial part in maintaining and enhancing our security operations by providing top-notch detection monitoring and response solutions. We are searching for a talented cybersecurity professional who can bring their creative thinking to the table, developing innovative detection content and effectively managing incidents. Furthermore, your expertise will be instrumental in refining our incident response techniques and bolstering our overall security posture.EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.RESPONSIBILITIES- Craft detection content- Prioritize and triage events- Improve existing detection content and playbooks- Ensure timely incident response- Perform on-duty/on-call support- Handle major security incidents- Analyze and document incidents- Develop hypothesis-driven threat hunts- Analyze various events, including but not limited to web traffic, underlying network protocols, malware, lateral movement techniques, tactics, and procedures (TTPs), as well as Microsoft and Linux security events- Conduct logfile correlation and analysis- Perform system and memory analysis- Manage chain of custody and forensic acquisitions- Oversee major incident response or breach investigations**REQUIREMENTS**:- In-depth knowledge of the current threat landscape, offensive tooling, as well as OWASP and MITRE ATT&CK® techniques- Familiarity with technical writing skills to effectively communicate complex topics to non-technical audiences- Excellent oral and written communication skills in English- Experience in malware and exploit analysis or reverse engineeringNICE TO HAVE- Experience in developing with Python, Kusto, or other scripting languages- Familiarity with Azure or Amazon AWS- Knowledge of network security- Proficiency in Python- Experience with Splunk Enterprise Security- Familiarity with Splunk monitoring toolsTECHNOLOGIES- SOC/CSIRT setup- OWASP and MITRE ATT&CK® techniques- ITSM- Microsoft and Linux security events- Network ProtocolsWE OFFER- Career plan and real growth opportunities- Unlimited access to LinkedIn learning solutions- International Mobility Plan within 25 countries- Constant training, mentoring, online corporate courses, eLearning and more- English classes with a certified teacher- Support for employee’s initiatives (Algorithms club, toastmasters, agile club and more)- Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)- Flexible work schedule and dress code- Collaborate in a multicultural environment and share best practices from around the globe- Hired directly by EPAM & 100% under payroll- Law benefits (IMSS, INFONAVIT, 25% vacation bonus)- Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)- 13 % employee savings fund, capped to the law limit- Grocery coupons- 30 days December bonus- Employee Stock Purchase Plan- 12 vacations days plus 4 floating days- Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)- Relocation bonus: transportation, 2 weeks of accommodation for you and your family and more- Monthly non-taxable amount for the electricity and internet billsCONDITIONS