EPAM is a leading global provider of digital platform engineering and development services.
We are committed to having a positive impact on our customers, our employees, and our communities.
We embrace a dynamic and inclusive culture.
Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow.
No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
We are seeking a skilled Security Engineer to join our Support team and help ensure the security of our enterprise systems.
This role involves proactively monitoring systems, detecting vulnerabilities, and responding to potential threats in a 24/7 environment.
If you are passionate about cybersecurity and thrive in a fast-paced setting, we encourage you to apply.
Responsibilities
- Work in a 24/7 operational environment with alternating shifts (2 working days, 2 days off, 12-hour shifts including 1 hour for rest)
- Monitor on-premises and AWS infrastructure to detect attacks, intrusions, and unauthorized or suspicious activity
- Oversee identity and access management processes, ensuring proper use of permissions by system users
- Develop and implement SIEM and SOAR detection and response scenarios, including creating, testing, and updating playbooks
- Conduct threat hunting activities and support threat intelligence processes
- Perform additional security operations tasks alongside monitoring activities
- Generate detailed reports for technical teams, stakeholders, and non-technical audiences
- Leverage advanced analytic tools to identify emerging threats and vulnerabilities
Requirements
- 2+ years of experience in Security Engineering
- Strong technical knowledge of internet security, networking protocols, and technologies such as IDS/IPS, firewalls, content filtering, Network Behavior Analysis tools, anti-malware, and packet inspection
- Good understanding of monitoring and logging techniques for Windows, Linux, databases, and network devices
- Solid knowledge of host and network security hardening, networking protocols, common intrusion methods, and risk management principles
- Basic understanding of malware detection as well as intrusion detection and prevention systems
- Familiarity with at least one SIEM solution (e.g., Splunk ES, QRadar, ArcSight, LogRhythm, ELK, Microsoft Sentinel)
- Experience with at least one SIRP/SOAR tool (e.g., TheHive, Cortex, Splunk SOAR, Phantom, Cortex XDR, Resilient)
- Fluent English proficiency (written and spoken) at a B2 level or higher
Nice to have
- Experience with AWS cloud security
- Knowledge of network security and firewalls such as F5, Juniper, Check Point, Palo Alto, and Cisco
- Proficiency in Linux administration and scripting
- Familiarity with Microsoft Windows security practices
- Experience with scripting languages such as Bash, PowerShell, or Python
- In-depth knowledge of network security concepts and practices
We offer
- International projects with top brands
- Work with global teams of highly skilled, diverse peers
- Healthcare benefits
- Employee financial programs
- Paid time off and sick leave
- Upskilling, reskilling and certification courses
- Unlimited access to the LinkedIn Learning library and 22,000+ courses
- Global career opportunities
- Volunteer and community involvement opportunities
- EPAM Employee Groups
- Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn