Middle Security Engineer

Summary

Join CoinsPaid, a leading crypto payment gateway, and contribute to building the world's best crypto payment ecosystem. As a Security Analyst, you will conduct alert triage, investigate security incidents, and implement remediation activities using various security tools and platforms. You will also be responsible for maintaining and improving incident response playbooks and leading vulnerability management efforts. The role requires strong hands-on experience with EDR/XDR platforms, DLP technologies, and SIEM platforms. CoinsPaid offers a remote-first work environment with employees located in 30+ countries and provides opportunities for professional growth within a rapidly developing international company.

Requirements

• Strong hands-on experience with EDR/XDR platforms for alert triage, investigation, scoping, and incident remediation
• Practical knowledge of Data Loss Prevention (DLP) technologies , including policy management, monitoring, and enforcement to prevent data leaks
• Proven ability to triage security alerts , identify false positives, and respond appropriately to real security threats
• Proficiency with SIEM platforms , including writing and tuning detection rules, integrating log sources, and conducting in-depth investigations
• Experience in Web Application Firewall (WAF) management , including event analysis and rule customization to defend against web-based threats
• In-depth understanding of incident response processes , with hands-on involvement in detection, analysis, containment, eradication, and recovery stages
• Ability to develop and maintain incident response playbooks , aligning procedures with evolving threat landscapes and organizational needs
• Solid background in vulnerability management , including vulnerability scanning, risk-based prioritization, and coordination of remediation actions
• Competence in reading and analyzing logs from operating systems, applications, network devices, and cloud environments to support security investigations and ensure compliance
• Good level of spoken and written English (B1+) and Russian

Responsibilities

• Conducted alert triage, investigation, scoping, and remediation activities using EDR/XDR platforms, ensuring timely response to endpoint and extended detection alerts
• Operated and maintained Data Loss Prevention (DLP) technologies , monitoring data movement and enforcing policies to prevent unauthorized data exfiltration
• Performed triage of security alerts , distinguishing false positives from true threats, and executed appropriate escalation or resolution workflows
• Utilized Security Information and Event Management (SIEM) platforms to write, test, and tune detection rules, integrate log sources, and manage comprehensive investigation procedures
• Analyzed Web Application Firewall (WAF) events, created and tuned rulesets to block malicious traffic while minimizing false positives
• Participated in end-to-end incident response , including detection, forensic analysis, containment, eradication, and recovery of cybersecurity incidents
• Maintained and improved incident response playbooks , ensuring alignment with current threats and best practices
• Led vulnerability management efforts by conducting scans, prioritizing findings based on risk, and coordinating with stakeholders for timely remediation
• Reviewed and interpreted logs from diverse sources including operating systems, applications, network appliances, and cloud infrastructure to support investigations and compliance

Preferred Qualifications

• Experience with cloud environments
• Knowledge of Kubernetes environment and containerized applications
• Familiarity with the fintech domain

Benefits

Remote work, flexible hours