Security Engineer, Cyber Defence
Serbia
Full Time
3 days ago
No Sponsorship
Key skills
AWSCloudPythonEKSIAM
About this role
Role Overview
- Design, write, test and tune detections across Cortex XDR / XSIAM, cloud telemetry, identity telemetry, endpoint, network and application logs.
- Run structured threat hunts against hypotheses.
- Stand on the bridge during P1 and P2 incidents.
- Build and maintain SOAR playbooks.
- Be the team’s primary technical interface to the Palo Alto managed SOC.
- Work with offensive security partners to run purple-team exercises.
Requirements
- Demonstrable hands-on experience as a SOC analyst (senior / tier 3), detection engineer, threat hunter or incident responder.
- Strong working knowledge of at least one major SIEM/XDR platform and the query language behind it.
- Practical experience investigating in AWS — CloudTrail, GuardDuty, VPC flow logs, EKS audit logs, IAM analysis.
- Scripting competence in Python or an equivalent.
- Solid grounding in MITRE ATT&CK, the diamond model and a structured approach to investigation.
- Calm under pressure.
Tech Stack
- AWS
- Cloud
- Python
Benefits
- Flexible work arrangements
- Professional development opportunities