Senior Security Engineer - Blue Team

Summary

Join Insider, a leading B2B SaaS company, as a Security Engineer - Red Team. You will work with cutting-edge AI and machine learning technologies, contributing to a fast-paced, innovative environment. This role involves managing and maintaining SIEM tools, analyzing threats, responding to incidents, and collaborating with other teams. The ideal candidate possesses a Bachelor's degree in a relevant field, at least 4 years of IT security experience, and strong knowledge of security technologies. Insider offers a comprehensive benefits package, including health insurance, remote work options, professional development opportunities, and a vibrant company culture.

Requirements

• Bachelor's degree in Computer Engineering, Electronics Engineering, or equivalent
• Minimum 4 years of experience in IT Security Architecture & Services
• Strong knowledge and hands-on experience with security technologies such as WAFs, SIEM, SOAR, EDR, ETP, Vulnerability Scanning Tools, and Deception Technologies
• Strong understanding of network security devices (e.g., Firewall, IPS/IDS)
• Knowledge of Syslog, HTTP, and Database log formats
• Experience with Unix and Windows operating systems
• Deep understanding of the attack lifecycle and its stages
• Proficiency in Python, or other scripting languages
• Holding or willing to take AWS Security Specialist Certificate
• Strong analytical, critical thinking, and problem-solving skills
• Ability to communicate technical details effectively to various stakeholders
• A proactive, curious mindset with a keen interest in researching emerging cybersecurity threats and trends

Responsibilities

• Management and Maintenance of SIEM Tools: Configuring, monitoring, and enhance SIEM functionalities
• Rule Creation and Optimization: Developing rules, reports, dashboards, and use cases to detect threats and attacks
• Threat Analysis: Analyzing threats using logs, IPS/IDS, cyber intelligence reports, and other data sources
• MITRE ATT&CK Framework Integration: Reviewing existing rules and developing new attack detection scenarios
• Incident Response: Taking an active role in detecting, analyzing, and mitigating security incidents
• False Positive Reduction: Working with CDC Engineers to optimize detection logic and minimize false positives
• Log Management: Import and troubleshooting logs from various security products and company-wide log sources
• Security Metrics & Reporting: Defining and monitoring key security metrics, creating dashboards and reports
• Database and EDR Tool Management: Maintaining, optimizing, and enhance security configurations
• Cyber Intelligence & Threat Hunting: Staying updated with the latest cyber threats and integrating threat intelligence into security operations
• Tabletop Exercises: Actively participating in security drills and follow up on action items

Preferred Qualifications

• Hands-on experience in one of the SOAR tools (e.g., XSOAR, Resilient)
• Preferably holding industry-recognized certificates (e.g., CEH, AWS Sec)
• Splunk Core Certified Power User is a plus

Benefits

• ���Tech Talks” with famous and groundbreaking people from the software world, “Dev Talks” where our Software Developers talk about their career steps, and many events where groundbreaking ideas are discussed
• Hackathons we organize inside that push the boundaries, programming challenges, and coding competitions
• Free access to exclusive services such as Laracasts, Egghead, LinkedIn Learning, Blinkist, Masterclass, and Spotify
• Inclusive Private Health Insurance
• Smart Work Model side benefits to support food and bill expenses
• The infamous Team Activities that are bursting with fun
• No Dress code! This is a fast and innovative startup, you can wear whatever you want
• Remote Work! Work anywhere you'd like in Turkey