Siem Engineer BOLOGNA

Siem Engineer
Bologna
Emilia Romagna, BOLOGNA

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team.

As a Security Operations | SIEM Engineer, you will be responsible for Detection & Response infrastructure, Threat Intelligence, SIEM Integrations, establishing new rules and implementing tools for security monitoring at the infrastructure level.

Responsibilities: Develop, manage and maintain a SIEM system and related tools for security event monitoring, alerting and incident analysis

Configure and optimise the process of data collection, correlation, and analysis from various sources (systems, applications, networks)

Develop and implement rules to detect potential threats and anomalies

Participate in responding (escalation) to information security incidents, investigate threats, and prepare recommendations

Participate in the configuration of SIEM integration with various security systems (EDR, Firewall, IDS/IPS, etc)

Continuously improve monitoring and analytical processes based on best practices in information security

Ensure compliance with internal security policies and regulatory requirements (PCI DSS, ISO 27001, GDPR, etc. )

Develop and maintain internal documentation (document procedures, best practices and go-forward solutions to ensure effective knowledge sharing and improvement of existing tools and processes)

General Requirements: 3+ years proven experience in the field of information security and defensive security-related roles

Knowledge of/experience with international information security standards, methodologies and frameworks: ISO 27001, PCI DSS, GDPR, NIST, MITRE, CIS Controls/Benchmarks, etc.

A Bachelor's degree is strongly preferred, specifically in Information Security, Information Technology, Computer Science or a related field

Relevant information security certifications are a plus

Skill Requirements: Strong knowledge of information security: fundamental concepts, architectures, tools, processes and operations (monitoring, IR, TI, TH, etc), information security threats and vulnerabilities, and countermeasures and associated operational best practices

Hands-on experience with network (firewalls and IDS/IPS systems) and endpoint security (Operation systems and EDR/EPP), security alert triage, event logs, writing correlation rules, and creating dashboards

Knowledge, practical skills and experience with security monitoring tools/systems

Experience with building, configuring, and managing SIEM and related tools

Experience with container environments, virtualisation and message brokers

Experience with various APIs and scripting (Bash, Shell, Powershell, Python, Ruby)

Basic knowledge of ethical hacking methods and penetration testing

Experience with security automation tools (SOAR), automation systems (IaC) and understanding CI/CD is a plus

What you get in return: You will join the company that cares about work and life balance

Annual Bonus based on the performance review cycle

Generous Annual Leave Policy

Medical Insurance and Pension fund, with additional benefit packages based on the location

Hybrid working model with full flexibility

Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.

#J-18808-Ljbffr