Insider One is hiring a Senior Security Engineer - Blue Team (Remote)

Responsibilities

• Management and Maintenance of SIEM Tools: Configuring, monitoring, and enhancing SIEM functionalities.
• Rule Creation and Optimization: Developing rules, reports, dashboards, and use cases to detect threats and attacks.
• Threat Analysis: Analyzing threats using logs, IPS/IDS, cyber intelligence reports, and other data sources.
• MITRE ATT&CK Framework Integration: Reviewing existing rules and developing new attack detection scenarios.
• Incident Response: Taking an active role in detecting, analyzing, and mitigating security incidents.
• False Positive Reduction: Working with CDC Engineers to optimize detection logic and minimize false positives.
• Log Management: Importing and troubleshooting logs from various security products and company-wide log sources.
• Security Metrics & Reporting: Defining and monitoring key security metrics, creating dashboards and reports.
• Database and EDR Tool Management: Maintaining, optimizing, and enhancing security configurations.
• Cyber Intelligence & Threat Hunting: Staying updated with the latest cyber threats and integrating threat intelligence into security operations.

Requirements

• Bachelor's degree in Computer Engineering, Electronics Engineering, or equivalent.
• Minimum 4 years of experience in IT Security Architecture & Services.
• Strong knowledge and hands-on experience with security technologies such as WAFs, SIEM, SOAR, EDR, ETP, vulnerability scanning tools, and deception technologies.
• Strong understanding of network security devices (e.g., firewalls, IPS/IDS).
• Knowledge of Syslog, HTTP, and database log formats.
• Experience with Unix and Windows operating systems.
• Deep understanding of the attack lifecycle and its stages.
• Proficiency in Python or other scripting languages.
• Strong analytical, critical thinking, and problem-solving skills.
• Ability to communicate technical details effectively to various stakeholders.
• A proactive, curious mindset with a keen interest in researching emerging cybersecurity threats and trends.

Nice to Have

• Holding or willing to take the AWS Security Specialist Certificate.
• Preferably holding industry-recognized certificates (e.g., CEH, AWS Sec).
• Splunk Core Certified Power User is a plus.
• Hands-on experience with one of the SOAR tools (e.g., XSOAR, Resilient).

Benefits

• Enjoy a monthly meal allowance designed to enhance your daily routine.
• Access comprehensive private health insurance.
• Feed your curiosity with access to Spotify, LinkedIn Learning, Blinkist, MasterClass, Neoskola, and CloudGuru.
• Level up with internal trainings covering AI fundamentals, coding, foreign languages, and a wide range of personal development skills.
• Be part of a diverse team that’s as global as it gets, where every voice is heard and 50+ nationalities build together.
• Become a Shareowner through our eligibility-based “ESOP” and own a piece of what you build.
• Help build the team you want to work with and enjoy rewarding referral bonuses.
• Opportunities to give back to your community through volunteering and purpose-driven social impact projects.
• From global retreats to team-building activities, expect year-round events that turn into lifelong memories.
• Get inspired by the greatest minds in the tech industry through events like our Tech & Dev Talks.

Team

Team size: 1,500+. Structure: 50+ nationalities across 30+ offices

Additional Information

• Work from anywhere in Turkey through our fully remote setup.