Description:
Our client is hiring experienced Security Site Reliability Engineers (SREs) to manage a large-scale CISO infrastructure. SREs ensure high availability of CISO and SOC solutions, combining operational and software development skills. They must possess deep knowledge of security services infrastructure, particularly email security, SIEM, and SOAR solutions used by our SOC. Our team relies on Proofpoint, Splunk, and XSoar for protection and response. As a DevOps shop, our engineers design and support security solutions for the Security Operations Center, the first line of defence in today's interconnected world.
Job Responsibilities
- Be a responder on the SRE on-call rotation (Pager Duty) to address incidents affecting service availability.
- Prevent incidents from recurring through blameless postmortems.
- Manage infrastructure on Azure and AWS.
- Utilize Infrastructure as Code (IaC) tools, including Terraform and Ansible.
- Establish monitoring systems that generate alerts for symptoms before they escalate into outages. * Document every action to transform your findings into repeatable procedures and eventually automate them.
- Enhance operational processes, such as deployments and upgrades, to make them as simple and efficient as possible.
- Design, build, and maintain core infrastructure capable of scaling to handle large volumes of data, possibly in the terabytes.
- Troubleshoot production issues across all services and layers of the technology stack.
- Strategically plan the expansion of our infrastructure.
- Analyse systems, considering edge cases, failure modes, behaviours, and specific implementations.
- Create and maintain architectural documentation.
- Assist and collaborate with other system owners and project development teams that require integration with various enterprise security systems.
- Offer expert advice to the Security Technical Design Authority.
- Be available for occasional night or weekend work.
Experience Requirements
- Familiarity with agile methodologies; using epics and issues to drive projects.
- Experience in managing complex security solutions in large environments.
- A strong understanding of Linux, network troubleshooting, analysis, and current security methodologies.
- A strong understanding of cybersecurity technologies, protocols, and applications.
- Detailed technical experience in the installation, configuration, and operation of high-end security solutions.
- Experience with log management platforms, including Splunk, Elasticsearch, Logstash, Kibana (ELK), and the Elastic Stack.
- Experience with container services, including Docker and Kubernetes.
- Experience with IDS/IPS, SEIM, Endpoint solutions, and related technologies.
- Proficiency in conducting Root Cause Analysis (RCA) investigations and performing operational readiness reviews.
- A thorough (advanced to expert) understanding of IT security and the implementation of security-related guidelines, including their impact on IT infrastructures.
- Strong problem-solving abilities across multiple enterprise technology environments with complex integrations.