Security Engineer

Within DT-Technik, we are looking for an ambitious and experienced colleague in the security area (T-SRC) for the Security Operations Center Technik (SOCT) squad. The Squad SOCT offers comprehensive services for the security of DT Technik's networks and systems.

• Security monitoring in SIEM (Security Information and Event Management), Elastic Endpoint Protection (EPP) and other sources.
• Monitor and investigate security events and incidents using established processes and procedures
• Categorizing and reporting incidents following established procedures
• Create and update incident logs, ensuring accurate and thorough documentation
• Prepare lessons learned reports to enhance incident response processes
• Maintaining and updating detection rulesets following established processes
• Development and operation of automatic end-to -end test chain for cyber attack detection rules (SIEM, IDS, EPP)
• Bug fixing and optimisation of the tested detection rules
• Development of missing detection rules

Requirements

• IT Security experience
• Technical knowledge and experience with at least one well-known SIEM or security analytics solution
• Solid knowledge of Windows and Linux operation systems
• General knowledge of web security, network protocols, devices, services, and related technologies (TCP/IP, Firewall, IPS/IDS, web proxy)
• Understanding of host-based security tools such as anti-virus and EDR
• In-depth knowledge of cybersecurity principles, technologies and best practices
• Demonstrated understanding of threat landscapes, attack vectors, and vulnerabilities
• Experience in programming and/or scripting languages (Powershell, Python)
• Strong analytical and problem-solving skills, ability to analyze logs of various devices, solutions
• Reliable English communication skills (both written and verbal)

Additional information

Advantages

• Previous SOC experience
• Microsoft Certified Windows Server Administrator (or equivalent Windows Certification)
• Vendor certificates (IBM, Microsoft, Splunk, CrowdStrike or equivalent)
• Any advanced security certificate (GSEC, OSCP/OSCE or equivalent)
• Basic presentation, project management, document management skills
• German communication skills

* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.