IT Security Engineer
  • Ukraine Kyiv
  • Abona
1 year ago
20.09.2023
Protect and Defend
Job Description

We are currently looking for an IT Security Engineer for our Kiev office.

Responsibilities:
-Implement and manage security monitoring systems, including Security Information and Event Management (SIEM) tools.
-Monitor, triage, and respond to security incidents in a timely and efficient manner.
-Monitor security vulnerabilities and threats, analyze their potential impact, and recommend appropriate remediation actions.
-Implement and manage vulnerability management tools and processes to proactively identify and patch security vulnerabilities.
-Design, deploy, and configure security technologies, such as data loss prevention (DLP) systems, endpoint protection, and encryption solutions.
-Evaluate new security products and technologies and make recommendations for their implementation.
-Collaborate with network and systems administrators to ensure security controls are integrated into the infrastructure.
-Collaborate with incident response teams to contain, mitigate, and recover from security breaches.
-Monitor security events and alerts, analyze logs, and investigate potential security incidents.
-Coordinate with internal teams and external stakeholders to resolve security incidents and implement appropriate remediation measures.

Qualifications and Skills:
-Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree preferred).
-Relevant industry certifications such as CISSP, CISM, CEH, or GIAC.
-Proven experience in IT security engineering, vulnerability management, and incident response.
-Strong knowledge of security technologies and tools, including firewalls, IDS/IPS, SIEM, DLP, antivirus, and encryption solutions.
-Familiarity with security frameworks and standards such as ISO 27001, NIST, and CIS Controls.
-Experience with security assessment tools and techniques, including vulnerability scanning.
-Knowledge of network protocols, TCP/IP, VPN, and network architecture.
-Understanding of cloud security concepts and technologies.
-Up-to-date knowledge of emerging security threats and trends.

We offer:
-Remote work
-Official employment under a labor contract or as a FOP
-Comfortable office with all the amenities near Darnitsa square
-Modern equipment for performing tasks
-Work schedule Mon-Fri 9.00-18.00
-Flexible start of the working day until 10.00
-24 days of vacation
-Medical insurance
-The ability to choose work as you like: from the office or from home.



Required Knowledge
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0006   Knowledge of specific operational impacts of cybersecurity lapses.
  • K0007   Knowledge of authentication, authorization, and access control methods.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0019   Knowledge of cryptography and cryptographic key management concepts.
  • K0042   Knowledge of incident response and handling methodologies.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0074   Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
  • K0075   Knowledge of security system design tools, methods, and techniques.
  • K0177   Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0221   Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
  • K0290   Knowledge of systems security testing and evaluation methods.
  • K0205   Knowledge of basic system, network, and OS hardening techniques.
  • K0041   Knowledge of incident categories, incident responses, and timelines for responses.
  • K0009   Knowledge of application vulnerabilities.
  • K0265   Knowledge of infrastructure supporting information technology (IT) for safety, performance, and reliability.

Required Skills
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0167   Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
  • S0052   Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
  • S0171   Skill in performing impact/risk assessments.

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.