Cyber security engineer

Short company description

BIT SENTINEL is one of the leading companies in Central and Eastern Europe providing Managed Cyber Security services, Offensive Security, Compliance, and Hacking Simulation Services.

The BIT SENTINEL Security Operations Center (BSS-CERT) is an effective and efficient service designed, operated, and managed by experienced and certified security specialists, providing offensive and defensive capabilities through the detection, analysis, and remediation of cyber threats.

Since it was founded, the BIT SENTINEL team has focused on providing premium, high-quality offensive security services such as advanced black box and white box penetration testing, application code review, forensics, and incident response.

BSS-CERT is one of the first professional SOC-as-a-Service offerings available to customers across all major verticals and industries who need comprehensive monitoring, detection, response, and threat intelligence capabilities. The Security Operations Center currently operates during normal business hours in Bucharest, Romania, and can be extended to 24/7 monitoring depending on customer needs. Moreover, our team of engineers provides 24/7 on-call response under SLA outside of standard business hours.

Job description:

We are looking for a passionate cyber security engineer to join our fast-growing team. We believe it is essential to have a continuous drive for self-improvement and self-motivation.
As a cyber security engineer, you will be an important asset for the BSS-CERT, where you can come up with innovative ideas for improving our processes as well as our overall strategy. You will work closely with the other teams to improve our capabilities and offer high-quality services to our customers.

Duties and Responsibilities

As part of the BSS-CERT, you will play an active role in all technical activities, including identifying, developing, and integrating best practices according to each business case. Moreover, you will be actively involved in improving BSS-CERT's overall capability development strategy so that we detect, respond, and react to security threats better, and in reviewing alerts and security incident investigations and analysis.

The BSS-CERT team also monitors and offers guidance and technical expertise in application security, infrastructure and cloud security, policies and procedures, disaster recovery and compliance/regulation.

Main responsibilities

  • You will manage and monitor security alerts from key information security dashboards (IDS, antivirus, EDR, centralized logging, etc.)
  • You will investigate alerts escalated from L1/L2, determine the threat source and the extent to which client assets have been compromised, add recommendations for remediation and assist with their implementation
  • You will participate in incident response activities
  • You will analyse and supervise incident response actions with internal and external teams while owning the incident/event until its complete closure
  • You will come up with ideas to automate and integrate security tools and activities
  • You will define, develop and strengthen internal security processes, programs, procedures, documentation and workflows
  • You will assist with or perform ongoing risk assessments, threat modeling, privacy assessments and information security reviews for new and existing customers
  • You will get involved and provide recommendations to improve existing capabilities for monitoring, detection and response to cyber threats
  • You will constantly interact with the vulnerability management, threat management and red teams, and perform malware investigations, penetration testing, and threat hunting
  • You can research and develop new playbooks, runbooks and automation wherever you see the opportunity
  • You will work on special R&D security projects on an ad hoc basis
  • You will communicate, lead and support your colleagues with information security best practices
  • You will keep up to date with existing security threats and evolve the network security posture accordingly

Requirements and Qualifications

  • 2-5 years of experience in IT&C
  • Solid understanding of network services, vulnerabilities and attacks
  • Previous experience reviewing raw log files and performing data correlation and analysis, and with network security tools: network traffic analyzers, firewall logs, network flows, intrusion detection systems, system logs, memory dumps, vulnerability management (e.g., Rapid7, Nessus, Qualys, Acunetix), SOAR platforms (e.g., Splunk Phantom, Palo Alto Demisto), SIEM (Splunk ES, Elastic SIEM, etc.) and their open source equivalents
  • Previous experience in creating and maintaining procedures, documentation, workflows and runbooks
  • Previous customer support experience, including the resolution of customer escalations, incident handling and reporting
  • Good knowledge of Bash (Unix shell) scripting, Python and PowerShell
  • Good understanding of automation
  • Familiarity with general application and network security concepts
  • Strong organizational skills and attention to detail
  • Strong presentation, written and verbal communication skills
  • Self-starter who does not need to be micromanaged
  • Excellent team player

Good to have:

  • Professional certification (e.g. GIAC, Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, AWS)
  • Experience with state and configuration automation tools such as Puppet, Chef, Ansible or Terraform
  • Knowledge of building and deploying with container tools: Docker container management and registries, Kubernetes management
  • Previous knowledge of reverse engineering and malware analysis
  • Knowledge of information security standards such as ISO 27001, PCI DSS, GDPR and NIS
  • Experience with systems development, systems administration and/or network administration
  • University degree from an accredited college or university, or equivalent
  • Previous experience in responsible disclosure and bug bounties
  • Basic knowledge of penetration testing

Benefits package:

  • Attractive compensation package: fixed salary along with a performance-related rewards and incentives bonus scheme
  • Premium private health insurance for you and one family member
  • Meal tickets
  • An exciting career in a dynamic, growing organization with a very diverse portfolio
  • Professional and friendly working environment
  • Professional development through specific trainings and certifications
  • Compensation for certification courses and exams
  • Work from home / work from office options available
  • Seasonal team building activities
  • Gift vouchers
  • Excellent career prospects
  • And many more

Other info:

Besides providing cyber security services and advisory to companies from sectors such as Fintech, Healthcare, Real Estate, Retail, Ecommerce, Online, Startups, Blockchain and Critical Infrastructure, we are also:

  • Creator and maintainer of Cyberedu.ro, next-gen hands-on training for students and cybersecurity professionals
  • One of the key technical partners in the RESISTO project, an innovative solution for holistic situational awareness and enhanced resilience of communication critical infrastructures (CIs)
  • Technical coordinator for the national phase and selection of national teams of the European Cyber Security Challenge, one of the most important cybersecurity competitions in Europe
  • Developer and technical coordinator of the Business Internet Security Threat Map, a technology we developed for Orange Romania that presents a high-level visualization of the data gathered by the Orange Romania Business Internet Security agents deployed across Romania
  • Developer and maintainer of RO Hacked, a register and catalog of web attacks against websites from Romania

How to contact us

The office is located in the central area of Bucharest. For CV or any other inquiries, please send us an email at contact [at] bit-sentinel dot com.
