Description

RESPONSIBILITIES:

• Improving the effectiveness of countering cyberattacks targeting the company’s infrastructure and assets.
• Building, deploying, and scaling a monitoring system across the entire IT infrastructure, including cloud technologies.
• Developing and optimizing the SOC process model with regard to industry specifics.
• Enhancing event-correlation mechanisms and coverage with validated rules for adversary tactics and techniques (MITRE ATT&CK).
• Advancing Threat Intelligence (TI) and Threat Hunting (TH) capabilities.
• Implementing and optimizing SOAR, SIEM, XDR, NTA, and Deception tools to secure assets.
• Collaborating with other departments to integrate security into development and operations processes.

REQUIREMENTS:

• Education: Higher, technical (Information Security, IT, Telecom).
• Ability to work with Linux at an administrator level.
• Knowledge of scripting languages (Python/Bash).
• Deep knowledge of networks and protocols: TCP/IP, DNS, DHCP, HTTP(S), VPN, proxy.
• Experience managing a SOC or a monitoring and response team for at least 5 years.
• Experience deploying and integrating security systems (SIEM, SOAR, XDR, NTA, TI/TH and other security solutions) used within a SOC.
• Skills in incident investigation and response; understanding of infrastructure risks.
• Experience building an incident management system based on best practices (NIST, ISO 27001, ITIL, COBIT).
• Experience working with regulators and ensuring compliance with information security legislation.
• Strong leadership skills and experience developing a team of information security experts.
• Languages: Kazakh and Russian — conversational; English — B2.