Skip navigation EPAM

SOC Analyst Budapest, Hungary or Remote

SOC Analyst Description

Job #: 74401
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

No less important is the safety, well-being and experience of our applicants. Therefore, until further notice, all EPAM employment interviews will be conducted remotely. Our recruitment professionals and hiring managers are standing by to ensure a robust and engaging virtual candidate experience. We look forward to speaking with you!

DESCRIPTION


EPAM is looking for a SOC Analyst to join the Security practice to work directly with our biggest enterprise customers.

Responsibilities

  • Monitor on-prem and cloud infrastructure for attacks, intrusions, and unusual, unauthorized, or illegal activity
  • Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
  • Create SIEM and SOAR detection and remediation scenarios, implement them as detection and response rules. Create, test, and update playbooks
  • Perform threat hunting and support threat intelligence processes
  • Use advanced analytic tools to determine emerging threat patterns and vulnerabilities

Requirements

  • Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tool, Anti-malware, and packet inspection
  • Basic understanding of Windows, Linux, DB, and network device monitoring and logging technics
  • Basic understanding of host and network security hardening, networking protocols, common intrusion techniques, and common risk management concepts
  • Basic knowledge of malware detection, intrusion detection, and prevention systems
  • Experience with 1 or more SIEM solutions (Splunk, QRadar, ArcSight, LogRhythm, ELK, Wazuh, Apache Metron, OSSIM, etc.)
  • Experience with 1 or more SIRP / SOAR tools (TheHive, Cortex, Phantom, Demisto, Resilient, etc.)
  • Experience with network security will be a plus
  • Experience with Firewalls (F5, Juniper, Check Point, Palo Alto, Cisco) will be a plus

We offer

  • Dynamic, entrepreneurial, high speed, high growth corporate environment
  • Diverse multicultural, multi-functional, and multilingual work environment
  • Opportunities for personal and career growth in a progressive industry
  • Global scope, international projects
  • Widespread training and development opportunities
  • Unlimited access to LinkedIn learning solutions
  • Competitive salary and various benefits
  • Sport and social teams support, recreation area, advanced CSR programs

Hello. How Can We Help You?

Our Offices