Senior CyberSecurity Specialist

Knowledge and Experience:

• 4+ years of experience in SOC, information security management team, blue team or similar.
• 7+ years of experience in the IT industry.
• Team leadership experience is a great plus.
• Solid understanding of enterprise technologies and security tooling landscape.
• Deep understanding of security practices, like incident management, vulnerability management, etc.
• Knowledge of modern application architecture (microservices/cloud / asynchronous communication) and threat landscape.
• General knowledge of application vulnerabilities and related issues.
• Professional certifications, such as CISSP, CISM, and similar.

Personal Attributes:

• Fluent in English and Ukrainian.
• Quick starter and learner.
• Readiness to research, investigate, and adjust to organizational needs.
• Intuition and keen instincts to pre-empt attacks.
• High level of analytical and problem-solving abilities.
• Strong interpersonal and oral communication skills.

Skillsets:

• Ideally knowledge of cybersec tooling:
• Endpoint protection toolset (e.g. CrowdStrike, Defender, etc.)
• Familiarity with monitoring tools and SIEM solutions (e.g. QRadar, Azure Sentinel, etc.).
• Network and vulnerability scanners (e.g. Qualys, Rapid7, Nessus, etc.).
• Cloud experience (in particular Azure).
• Experience with BurpSuite is a big plus.

• Define the measures and processes to mitigate cybersecurity risks, including:
  1) Monitor security events and alerts from multiple sources.
  2) Analyze and investigate security incidents and events to determine the root cause. 3) Conduct risk assessments to identify vulnerabilities and potential threats.
  3) Participate in incident response activities, including triage, containment, and remediation.
  4) Develop and maintain security documentation, procedures, and guidelines.
  5) Conduct vulnerability assessments and penetration testing.
  6) Collaborate with other teams to ensure the organization’s systems and infrastructure security.
• Participate in corporate-wide processes on behalf of the cybersecurity team, such as access provisioning, change management, awareness training, etc.
• Take the leading role in SIEM implementation project.
• Be responsible for cybersecurity tools administration.

What we offer:

Well-being:

• 10 working days of Paid Day Off within an individual year.
• Up to 15 working days of Unpaid days off within an individual year.

Professional Growth:

• Sombra University courses – enjoy a range of learning opportunities through Sombra University. It offers many educational courses, as well as educational lectures on a variety of topics.
• Sombra Around Tech – community attendance – Sombra unites engineers and experts in several areas: Front-end, Back-end, QA, DevOps, and Вusiness Analysis.
• Mentorship program – available on request.
• UDEMY online course platform – stay up-to-date with the latest technologies and programming languages.
• English courses and Speaking Club – attend English classes twice a week in small groups.

Added advantages:

• Work equipment (Laptop, monitor, and small devices compensation).
• Sombra’s referral program.
• If you know someone you believe is a good fit for our cooperation, you can recommend them and get a reward.
• Public Holidays – celebrate 18 statutory holidays in Colombia.
• Sombra events – Join Sombra’s traditional events (both online and offline).