Senior Security Engineer - Blue Team; Remote

Overview

Senior Security Engineer - Blue Team (Remote).

• Management and maintenance of SIEM tools: configuring, monitoring, and enhancing SIEM functionalities.
• Rule creation and optimization: developing rules, reports, dashboards, and use cases to detect threats and attacks.
• Threat analysis: analyzing threats using logs, IPS/IDS, cyber intelligence reports, and other data sources.
• MITRE ATT&CK framework integration: reviewing existing rules and developing new attack detection scenarios.
• Incident response: detecting, analyzing, and mitigating security incidents.
• False positive reduction: working with CDC engineers to optimize detection logic and minimize false positives.
• Log management: importing and troubleshooting logs from various security products and company-wide log sources.
• Security metrics & reporting: defining and monitoring key security metrics, creating dashboards and reports.
• Database and EDR tool management: maintaining, optimizing, and enhancing security configurations.
• Cyber intelligence & threat hunting: staying updated with the latest cyber threats and integrating threat intelligence into security operations.
• Tabletop exercises: actively participating in security drills and following up on action items.

• Bachelor s degree in Computer Engineering, Electronics Engineering, or equivalent.
• Minimum 4 years of experience in IT Security Architecture & Services.
• Strong knowledge and hands-on experience with security technologies such as WAFs, SIEM, SOAR, EDR, ETP, vulnerability scanning tools, and deception technologies.
• Hands-on experience in one of the SOAR tools (e.g., XSOAR, Resilient) is preferred.
• Strong understanding of network security devices (e.g., firewall, IPS/IDS).
• Knowledge of Syslog, HTTP, and database log formats.
• Experience with Unix and Windows operating systems.
• Deep understanding of the attack lifecycle and its stages.
• Proficiency in Python or other scripting languages.
• Holding or willing to take AWS Security Specialist Certificate.
• Preferably holding industry-recognized certificates (e.g., CEH, AWS Sec).
• Splunk Core Certified Power User is a plus.
• Strong analytical, critical thinking, and problem-solving skills.
• Ability to communicate technical details effectively to various stakeholders.
• A proactive, curious mindset with a keen interest in researching emerging cybersecurity threats and trends.

• Tech Talks with leaders from the software world and Dev Talks with our software developers.
• Hackathons, programming challenges, and coding competitions.
• Free access to exclusive services such as Laracasts, Egghead, Linked In Learning, Blinkist, Masterclass, and Spotify.
• Inclusive private health insurance.
• Smart Work Model side benefits to support food and bill expenses.
• Team activities and a playful, dress-code-free environment.
• Remote work from anywhere in Turkey.

We provide equal opportunity in a zero-discrimination workplace and acknowledge applicants regardless of sex, race, color, nationality, religion, gender identity, sexual orientation, disability status, citizenship, or marital status.