Senior IS Specialist

Knowledge and Experience:

• 4+ years of experience in SOC, information security management team, blue team or similar.
• 7+ years of experience in the IT industry.
• Team leadership experience is a great plus.
• Solid understanding of enterprise technologies and security tooling landscape.
• Deep understanding of security practices, like incident management, vulnerability management, etc.
• Knowledge of modern application architecture (microservices/cloud / asynchronous communication) and threat landscape.
• General knowledge of application vulnerabilities and related issues.
• Professional certifications, such as CISSP, CISM, and similar.
  Personal Attributes:
• Fluent in English and Ukrainian.
• Quick starter and learner.
• Readiness to research, investigate, and adjust to organizational needs.
• Intuition and keen instincts to pre-empt attacks.
• High level of analytical and problem-solving abilities.
• Strong interpersonal and oral communication skills.
  Skillsets:
  Ideally knowledge of cybersec tooling:
• Endpoint protection toolset (e.g. CrowdStrike, Defender, etc.)
• Familiarity with monitoring tools and SIEM solutions (e.g. QRadar, Azure Sentinel, etc.).
• Network and vulnerability scanners (e.g. Qualys, Rapid7, Nessus, etc.).
• Cloud experience (in particular Azure).
• Experience with BurpSuite is a big plus.

• Define the measures and processes to mitigate cybersecurity risks, including:
  1) Monitor security events and alerts from multiple sources.
  2) Analyze and investigate security incidents and events to determine the root cause. 3) Conduct risk assessments to identify vulnerabilities and potential threats.
  3) Participate in incident response activities, including triage, containment, and remediation.
  4) Develop and maintain security documentation, procedures, and guidelines.
  5) Conduct vulnerability assessments and penetration testing.
  6) Collaborate with other teams to ensure the organization’s systems and infrastructure security.
• Participate in corporate-wide processes on behalf of the cybersecurity team, such as access provisioning, change management, awareness training, etc.
• Take the leading role in SIEM implementation project.
• Be responsible for cybersecurity tools administration.

• Annual paid vacation of 18 working days.
• Extra vacation days for long-lasting cooperation.
• Annual paid sick leave of 10 days.
• Maternity/Paternity leave.
• The opportunity for sabbatical leave.
• Marriage and Parenthood Package.
• Compensation for sports activities (up to 250$ per year) or health insurance covering (70%) — after the trial period.
• Internal education (corporate library, Udemy courses).
• Career development plan.
• English and Spanish classes.
• Paying taxes and managing PE (Private Entrepreneur).
• Technical equipment.
• Internal Referral program.
• Opportunity to take part in company volunteering activities.
• Sombra is a “Friendly to Veterans” award-holder.