Security Engineer SOC in Raiffeisen Bank

We are Aval — Raiffeisen Bank Aval — Raiffeisen Bank Ukraine. We are Ukrainian bank. For 30 years, since the first steps of Independence, we have been creating and building the banking system of our country #Together_with_Ukraine. We are one of the largest banks in Ukraine and reliable partner for millions of Ukrainians.

We are fully responsible for all tech development and work as the IT company inside of the bank. We achieve high-speed digital products. We implement modern engineering practices, work on innovations that build high-quality interaction with our customers.

Our bank is people-centric, focusing on the individual and liberating personal innovative power. It’s our way. We look forward to fostering a lasting relationship with you and our innovation.

#RaifTeam. Welcome you to join us!

Your responsibilities:

Organizing processes of internal SOC:

• Log-management processes, monitoring and incident management of information security
• Development of monitoring scenarios
• Administration of monitoring systems and log-management

Preferred qualification:

• Basics of AWS, Microsoft Defender for EndPoint
• Knowledge of tactics, techniques, and procedures according to MITRE ATT&CK
• Knowledge of syslog, windows event log collector at the administrator level
• Basics of Linux, Windows OS, work principles of commutation equipment and main instruments of security (IPS/HIPS, FW, WAF, Proxy, AV, DLP, IDM)
• Basics SQL, regex, Python
• Principles of information security and incident management monitoring organization (use cases, rulebooks/playbooks, response procedures)
• Knowledge of K8s

Will be a plus:

• Knowledge of OpenSearch/ELK at the administrator or analyst level
• Knowledge of instruments and services for AWS logging and monitoring (CloudTrail, CloudWatch, VPC Flow Logs, AWS Security Hub, etc.)
• Knowledge of ArcSight products (ArcSight ESM 7.X, ArcSight Logger 7.X, ArcSight Command Center 2.X) at the administrator or analyst level, ArcSight connectors development and administration
• Knowledge of Splunk at the analyst level
• Knowledge basics of Threat Intelligence (MISP)

We offer:

International business career: work in a large international company that creates a diverse and inclusive environment for professional and personal growth. Strong Raiffeisen community of highly professional and successful teams from different countries.

Challenging WOW-projects: involvement into large-scale projects on product development, using modern engineering technologies, unique approach to encouraging customer-driven innovation.

Comfortable and safe format of work: flexible work conditions including remote work or hybrid models alternating between in-office hours and remote work. Offices with uninterruptible power supply and bomb shelters are provided to perform duties.

Professional development: knowledge sharing with colleagues from abroad, development within the company, upskilling and reskilling opportunities, internal competitions. The possibility of obtaining a T-shaped expertise. Internal and external training programs. Corporate English courses. Soft skills trainings at our corporate L&D academy. Team building activities and involvement into social projects.

Attractive social package and wellbeing: 28 days of paid vacation, medical insurance, official employment. Mental and Physical health support: individual psychological sessions and lectures, -free online workouts, yoga.

Stable income: competitive salary and bonuses for your efforts and contribution, rewards for participation in the referral program.

Our team on social media:

Facebook
Instagram

_________________________________________________________________________

Ми — Аваль — Райффаyzen Bank Aval - Raiffeisen Bank Ukraine - Ukrainian bank. Already 30 years since the first steps of Independence, we have been creating and building the banking system of our state #Together_with_Ukraine. We were and are one of the largest banks in the country, a reliable partner for millions of Ukrainians.

Raiffeisen Tech is responsible for the technological side of changes in Raifa - it is a kind of IT company within the bank. We increase the efficiency and speed of digital products, implement modern engineering practices and innovations. We do everything to ensure that the client receives a cool and reliable service.

Combining the principles of human-centeredness and innovation in our work is our way. We invite to the team people who will be with us in the movement of innovation.

Join the#Rife commands!

What you will do:

Organization of internal SOC processes:

• Processes of log management, monitoring and management of information security incidents
• Development of monitoring scenarios
• Administration of monitoring and log management systems
li>

Required knowledge and experience:

• OpenSearch/ELK administrator and analyst level knowledge
• Knowledge of AWS logging and monitoring tools and services (CloudTrail, CloudWatch, VPC Flow Logs, AWS Security Hub, etc.)
• AWS Basics, Microsoft Defender for EndPoint
• Knowledge of MITER ATT&CK tactics, techniques and procedures
• li>Knowledge at the administrator level of syslog, windows event log collector
• Fundamentals of Linux, Windows operating systems, principles of operation of switching equipment and basic security tools (IPS/HIPS, FW, WAF, Proxy, AV, DLP, IDM )
• Fundamentals of SQL, regex, Python
• Principles of organizing information security monitoring and incident management (use cases, rulebooks/playbooks, response procedures)
• Knowledge of K8s< /li>

Would be a plus:

• OpenSearch/ELK administrator and analyst level knowledge
• Knowledge of AWS logging and monitoring tools and services (CloudTrail, CloudWatch, VPC Flow Logs, AWS Security Hub, etc.)
li>
• Knowledge at the administrator and analyst level of the ArcSight product line (ArcSight ESM 7.X, ArcSight Logger 7.X, ArcSight Command Center 2.X), development and administration of ArcSight connectors
• Knowledge at Splunk analytics
• Knowledge of the basics of Threat Intelligence (MISP)

We offer:

Experience of working in a large systemic international business:work in a large international company that creates a diverse and inclusive environment for the professional and personal development of employees. A strong Raiffeisen Bank International community consisting of highly professional and successful teams from different countries.

Cool WOW projects: participation in large-scale projects for the development of banking products, using advanced technologies and approaches that will allow our customers to receive the best, most convenient service.

Convenient and safe work format: flexible conditions, the ability to work remotely or in a hybrid model (remote and in the office). To perform your duties, you can use offices with uninterrupted power supply and available bomb shelters.

Professional development: exchange of knowledge with colleagues from abroad, development within the company, professional development and retraining, participation in internal selections. The possibility of obtaining a t-shaped examination. Internal and external training. Corporate English language courses. Soft skills trainings at our corporate academy. Team-building activities and participation in social projects.

Wellbeing package and program: 28 days of paid basic leave and additional leave, health insurance, formal employment. Mental and physical health care: individual psychological sessions and group lectures, free sports online classes.

Stable income:competitive salary and bonuses for your personal contribution, rewards for participation in the referral program.

Our social media team:

Facebook
style="text-decoration: none" target= "_blank">Instagram