Why should you JOIN US

UnderDefense is the biggest Ukrainian Security Consulting and Managed Detection & Response (MDR) provider.
This is a unique niche, and demand for cybersecurity is growing dramatically. So we are growing too.

Our key Achievements for 2019 are covered here, but here are some outstanding things we are Proud of:

Ready to join Rockstar TEAM? Check opportunities below and Apply!


Location: Ukraine (Lviv or Kyiv)

AWS SecOps Mid-Senior-Lead position (Cloud Security Ops Engineer)

Responsibilities

  • Drive the SecOps & DevOps team to make IT/Ops secure on a global scale
  • Deployment of IDS/IPS (Threatstack) and other security tools across the infrastructure
  • AWS IAM access management, auditing, notifications/alerts
  • Terraform/Ansible configuration management, Security as Code
  • PKI
  • HashiCorp stack (HSS) (Terraform by HashiCorp)
  • AWS Security Hub/GuardDuty/CloudTrail

Experience

  • Strong knowledge of AWS
  • 3+ years of OS/Network hardening experience (Windows and Linux preferably)
  • 3+ years of Linux or Windows administration experience (AD, GPO, WMI, services)
  • Automation mindset with scripting ability using Python or other languages
  • Install, configure, and troubleshoot application stacks (e.g. Apache, nginx, PHP, etc.) and database applications (e.g. MySQL, PostgreSQL, MS-SQL, etc.)
  • Familiarity with one or more virtualization technologies (VSphere or HyperV is a big plus)
  • Ability and desire to:
    • Analyze, interpret and implement security hardening and best practice guidelines from reputable industry sources like Center for Internet Security (CIS20), DISA and others
    • Deploy and configure server operating systems, application stacks, databases, and other systems, and configure them according to various security hardening guides
    • Leverage scripting languages (e.g. Python) to develop automation supporting the generation of benchmarks and best practices, integrated into our cloud security platform
    • Create automation to enrich the customer’s vulnerability database

Nice To Have

  • Bachelor’s degree in a technical field or equivalent experience
  • Strong understanding of information security technologies – including networking, firewall technologies, VPN, configuration management & server hardening, user management, intrusion detection, log analysis, vulnerability assessment
  • Demonstrable attention to detail, creative problem-solving, and persistence in your work product
  • Work comfortably in a fast-paced, multi-tasking environment

About a Client

The #2 VPN service provider platform, based in Silicon Valley. A huge infrastructure that needs you to take it under control and put the right cloud security controls in place.

We Offer

  • Delivery of innovative solutions for the world’s digital changes
  • Experience exchange with colleagues all around the world
  • Opportunities for self-realization
  • Friendly team and enjoyable working environment
  • Engineering, corporate and social events
  • Social package: professional & soft skills training, medical & family care programs, sports
  • Free English classes
  • Flexible working schedule
  • Remote is ok

Content Writer

Remote work can be considered for a well-qualified candidate.

Position Overview

If you have excellent English and writing is your superpower, we have a great opportunity for you to dive into the cybersecurity industry.

Content Writer responsibilities include conducting thorough research on industry-related topics, generating ideas for new content types and proofreading articles before publication. If you’re familiar with producing online content and have an eye for detail, we’d like to meet you.

Job Responsibilities

  • Interview top security experts (ethical hackers and incident responders) and compile an article/blog post about the cybersecurity discoveries and knowledge they shared
  • Compile analytics on the cybersecurity industry, analyze trends and discuss them with experts
  • Write clear texts following the content requirements
  • Compile infographics or other visual/graphical explanations of the main idea of a publication
  • Promote content on social media
  • Conduct research on any given topic
  • Research industry-related topics (combining online sources, interviews and studies)
  • Coordinate with marketing and design teams to illustrate articles


Preferred Qualifications

  • Excellent writing and editing skills in English
  • Experience doing research using multiple sources
  • Ability to meet a deadline

Senior C/C++ engineer (High load computing and network)

Our research

With an “Ingen first” spirit and a true agile philosophy, we are looking, because of our growth, for a seasoned developer in love with C and the network who wishes to join a team of enthusiasts! What will appeal to us are your skills: no specific diploma is required; you will be judged solely on your abilities and your experience. We are looking for a curious person with a good technical background, able to learn, to teach, and to enjoy working in a team.

Come and participate in the design of the European product that competes with the American giants, thanks to teams of talent in many fields. There are real technical challenges to overcome in order to successfully analyze more and more network protocols in real time with flows of up to several million packets per second.

Your skills

  • Real mastery of the C language (C11 standard) and of multi-threaded programming in a Linux environment.
  • You have experience with atomic types and operations in C.
  • You are familiar with profiling and code analysis tools (GProf, GPerf), debugging tools (GDB, Valgrind), and sanitizers (LLVM).
  • You have knowledge and interest in networking aspects (TCP / IP) and ideally, you already know Wireshark well.

Your job

  • Participate in the development of our real-time network sniffer,
  • Add new features, increase performance, add support for new protocols and maintain existing code,
  • Be proactive in terms of technical design.

Our technical stack

  • A real-time C analyzer of network frames,
  • Back end: Python3, mypy, asyncio, Ansible
  • System: VMware, Hyper-V, KVM, Xen, QEMU, AWS, Azure, GCP …
  • Open source database,
  • A high-performance stream processor for alerting (OCaml),
  • Linux Debian 9.

How does it work? We place our sniffer in our clients’ infrastructure and it sends performance analysis to the backend. Then we provide an HMI and APIs to analyze the data received, process it, and provide real-time analysis of the performance of infrastructures and applications!

What we Offer

  • Official employment, 18 days vacation, paid sick leave
  • Competitive salary
  • Flexible work schedule
  • Free English lessons
  • Comfortable office
  • Exciting work in a dynamic team
  • Business trips to Canada

Strong Junior Front End Developer (Ember JS)

Our research

We are looking for a full-time developer in love with JavaScript and the network who wishes to join a team of enthusiasts! What will appeal to us are your skills: no specific diploma is required; you will be judged solely on your abilities and your eagerness to learn. We are looking for a curious person with a good technical background, able to collaborate and enjoy working in a team.

Come and participate in the design of the European product that competes with the American giants, thanks to teams of talent in many fields.

How does it work? We place our sniffer in our clients’ infrastructure and it sends performance analysis to the backend. Then we provide an HMI and APIs to analyze the data received, process it, and provide real-time analysis of the performance of infrastructures and applications!

Your skills

  • Ability to work independently
  • Good communication skills (at least Upper-Intermediate English level)
  • Experience in working with modern JS frameworks (preferably MVC/MVVM-based, like Ember/Angular/Vue)
  • Knowledge of design patterns and object-oriented programming
  • Knowledge of CSS and responsive design
  • Experience in working with REST API
  • Knowledge of NoSQL databases

Would be nice to have too:

  • Knowledge of TypeScript
  • Experience in working with SQL
  • Experience in creating data visualizations (AMCharts, ECharts, D3)
  • Knowledge of UX principles

Your job

  • Participate in the development of our real-time network sniffer, collaborate with UI offices, implement state-of-the-art interfaces.
  • Be proactive in terms of interface design.

What we Offer

  • Official employment, 18 days vacation, paid sick leave
  • Competitive salary
  • Flexible work schedule
  • Free English lessons
  • Comfortable office
  • Exciting work in a dynamic team
  • Business trips to Canada

Azure Sentinel Engineer / Cloud Security Operations Engineers

Remote work will be considered for a well-qualified candidate.

Position Overview

UnderDefense is looking for a candidate who has experience in Azure and especially Sentinel SIEM. As a Cloud Security Engineer, you will be expected to consult, develop alerting, provide best practices for the Azure and Sentinel platform, identify security detection gaps in infrastructure and process, and effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison while supporting the Security Operations Center.

Job Responsibilities Will Include

  • Use Microsoft Sentinel as appropriate to provide logging and metrics for a variety of Azure-based applications.
  • Create alerts and monitoring for key security and application events.
  • Develop dashboards and reports for monitoring of real-time log data.
  • Advise on prioritization of data collection and data retention to achieve maximum results for security and event monitoring.
  • Deliver results through teamwork while achieving security and incident response goals.

Preferred Qualifications

  • 2+ years of experience as an Azure administrator, architect, or consultant
  • Experience with Sentinel.
  • Experience in interacting with other IT stakeholders gathering requirements, onboarding, configuration, and optimization of the Splunk suite of tools
  • Preferred experience with Linux systems and using scripting languages (Shell, Python, SQL) to automate tasks and manipulate data
  • Knowledge of enterprise logging, including application, OS, and security technology logging
  • Cybersecurity: 2 years
  • Customer Facing Consulting: 2 years
  • Azure Platform: 3 years
  • Azure Sentinel: 1 year
  • Can advise customers on the Microsoft Cloud Security capabilities across the Azure platform
  • Deep understanding of how to implement best practices for designing and securing Azure
  • Deep experience with Microsoft technologies including Azure Active Directory, MDT, Windows Server, and M365/O365
  • Deep understanding in the configuration of End Point security features
  • A base understanding of common exploitation tools, tactics, and procedures
  • Familiarity with determined adversaries and how malicious software persists on compromised systems
  • Ability to look at situations from several points of view

Preferred Certifications

  • Microsoft Certified: Azure Security Engineer Associate – AZ-500
  • SANS – GSEC, GCIA, GMON, GCDA, GCED
  • ISC(2) – CISSP, CCSP
  • other similar professional certifications

Job Description

  • Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.
  • Responsible for working with architecture to take high-level architectural designs and determine the specifics around implementation details (e.g. sizing), integration details, onboarding, and operationalization.
  • Evaluates patches, updates, and ongoing maintenance. Determines impacts on existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions.
  • Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions.
  • Works with operational partners to enable transition and day-to-day supportability.
  • Provides engineering support to existing technology in a production environment and collaborates with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.

Mid or Senior Penetration Tester

Qualifications:

  • Technical skills: Web/Mobile security, Network Security, Windows domain, UNIX/Linux; basic experience in Reverse Engineering is a plus.
  • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as OWASP Risk Rating Methodology.

Preferred Experience:

  • eWPT, OSCP or other related security certifications
  • Love to code in Python, .NET, or similar languages

Responsibilities:

  • Do penetration tests of applications and networks against a wide array of technologies and platforms
  • Create detailed penetration testing reports which explain identified technical and logical security findings, describe potential business risks, and present prioritized recommendations
  • Understand, review and interpret vulnerability assessments
  • Help design a Secure SDLC in a mixed waterfall/agile environment (OWASP SAMM)
  • Hands-on performance of specialist appsec processes in the SDLC (design review, Java code review, testing, etc.)
  • Help properly set up automation in CI/CD (so HP Fortify / HP WebInspect suck less)
  • Basic performance testing to ensure the system’s availability (optional)
  • Contribute to the ongoing enhancement of the company’s penetration testing assessment capabilities
  • Collaborate and share knowledge internally
  • Ability to think outside the box and simulate adversarial approaches

What we offer:

  • Growth, really fast growth
  • Good salary + really challenging projects
  • Brilliant team
  • Paid vacation and sick leave
  • Paid certifications and courses
  • Internal training and workshops (conferences, workshops, training, etc.)
  • English courses
  • Work-rest balance support (foosball, workout station)

Please send your CVs to [email protected]

Marketing Manager

UnderDefense is determined to keep on growing. So, Marketing is looking for a passionate, driven Digital Marketing Manager with hands-on experience in running ads, analytics, campaigns, SEO. If you are a self-starter always looking for new challenges and you have a get-things-done approach to work, we are looking for you.

Main Responsibilities:

  • Develop and execute marketing campaigns tailored to multiple segments of customers
  • Partner across teams to deliver work on-time and on-budget
  • Collaborate with internal and external teams to execute from concept to development
  • Develop and execute test plans to refine messaging and drive lift
  • Apply best practices to determine opportunities to improve the customer experience

The ideal candidate will have:

  • Hands-on experience in launching and managing CPC campaigns is a must
  • Experience with media including display remarketing
  • Ability to work both independently and to collaborate in a team
  • Strong quantitative, analytical, and problem-solving skills
  • Interest in and proven ability to quickly learn new things and apply them to business needs
  • Demonstrated ability to prioritize multiple projects with great attention to detail
  • Demonstrated ability to work independently and autonomously
  • Pushes for the best customer experience and business results
  • Highly collaborative with an affinity for building relationships across teams

We offer:

  • 18 business days of paid annual leave
  • 10 days of paid sick leave
  • Competitive compensation package (base + bonus for KPI)

Professional growth:

  • Challenging and non-standard tasks and projects
  • Individual Development Plan

Fun:

  • Team buildings
  • Corporate events and outstanding parties
  • Anniversary presents

Compliance manager (ISO27001, SOC2)

Sales Manager / Business Development Manager

Must:

  • Sales background in IT (2+ years)
  • Advanced English, both written and verbal
  • Proven successful sales track record (B2B)
  • Excellent networking, communication, and negotiation skills
  • Proactive Team player, flexible, self-motivated, result-oriented
  • Consistency and persistence

Big plus:

  • Participation in international programs like Flex, Work and Travel USA or other experience living abroad
  • Experience in Public speaking/presentations, pitching
  • Familiarity with trending sales techniques/tools and best practices

We Offer

  • Outstanding Sales team
  • Decent base Compensation fixed in USD
  • Sales commissions monthly (5% for 1 year for each closed deal)
  • Opportunity to travel onsite to the US, Canada, EU
  • Attending sales conferences, training, R&D, networking events, etc.
  • Fun celebrations, team outings, and unforgettable corporate events
  • Compensation for sick leave and regular vacations
  • Marketing team support for your activities
  • Comfortable office or possibility to work remotely

Responsible for

  • Achieve quarterly and annual quota and pipeline development objectives
  • Dealing with multiple warm leads from US/Western Europe/Middle East
  • Preparing business offers and commercial proposals
  • Holding negotiations with clients
  • Deals closure and successful transition to delivery
  • CRM activity and rules adherence for accurate sales planning, reporting, and forecasting
  • Attending conferences, events, and meetups (once the borders are open)

Please send your CVs to [email protected]

Tier 3 Security Analyst / Threat Hunter

Splunk SIEM engineer

Elastic SIEM engineer

We are a highly successful company with great ambitions. We operate in a very competitive market, so every day we are looking for opportunities to be better. To be faster. Even faster. We never stand aside and are never afraid to try. Having a lot of our own ideas, we are very open to fresh ones.

We invite those who are fired up to:

  • Work with large datasets from different infrastructures;
  • Design and implement monitoring/prevention security controls for the company’s new products/features/third-party integrations;
  • Analyze current threats and develop mitigation controls;
  • Support and develop the SIEM not only as a system but as a process.

Requirements:

  • 2+ years of experience in an IT security specialist/analyst, SOC analyst or SIEM specialist position;
  • Experience with SIEM administration and support: Elastic Stack, Splunk;
  • A system administrator or DevOps background: Unix systems, DBs, AWS, k8s, Git;
  • Experience with log collection, parsing, and enrichment with Elastic Beats, Logstash, syslog-ng, rsyslog;
  • Strong experience in log analysis, correlation, and visualization with Elastic Stack tools;
  • Scripting development using a variety of tools like Bash, Python, Ruby, Go;
  • Use of the MITRE ATT&CK and Cyber Kill Chain frameworks.

We care about your:

Health

  • 100% paid sick leave;
  • 23 working days of paid vacation.

Wealth

  • Competitive salary and constant encouragement for your efforts and contribution;
  • Bonuses according to company policy;
  • Welfare (financial support in critical situations);
  • Gifts for significant life events (marriage, childbirth).

Personal and professional growth

  • Individual annual training budget with an opportunity to attend paid conferences, training sessions, workshops, etc.;
  • Free corporate library;
  • Opportunity to attend our non-stop internal meetups (open talks, IT Pump, etc.) as a participant or a speaker and exchange knowledge;
  • A world-class team of T-shaped professionals who share knowledge and support each other.

Leisure time

  • Corporate parties and events (Pub Quiz, Carquest, bowling championships, etc.);
  • PM Foundation activities (social responsibility events);
  • Weekly events aimed at culture, arts and soft skills development.

IBM QRadar SIEM engineer

Please send your CVs to [email protected]

Middle Python Engineer

You are

  • 3+ years of enterprise software development experience
  • Upper-Intermediate or higher level of English
  • Hands-on experience with Python
  • Practical experience using Docker and/or Kubernetes
  • Expertise with the following: backend APIs, databases, service integration, cybersecurity, core infrastructure, and tooling
  • In-depth understanding of Git
  • Write clean and well-crafted code
  • Solid understanding of the development lifecycle (design, test, implement, document) and release management using modern collaboration tools
  • Able to learn quickly to understand different business domains
  • BS in computer science or a related field

What will make you stand out

  • Experience with cloud computing platforms like AWS, GCP, or Azure
  • Adept at testing; following TDD/BDD is an advantage
  • Willingness to learn new domains and technologies
  • Team leadership skills and experience

You want to work with

  • Technologies such as Python, REST APIs, web development, Git, Kubernetes, Docker, Conda, Postgres (or comparable databases)
  • Data science, ML, and AI domains
  • Products for enterprise-level users
  • Estimation and scope breakdown
  • Requirements elicitation and release planning
  • Direct communication with the client

Location: Global or Remote

MacOS Malware Analyst / Reverse Engineer

UnderDefense is a fast-growing company that safeguards businesses around the globe from cybersecurity threats. We are looking for a Reverse Engineer who will join our Reverse Engineering Team, improving an antivirus engine that has secured 2+ million customers over 9 years.

You will get a chance to investigate the latest malware samples and design ways to build resilience against cyber threats. Primarily you will work on macOS malware, but we also give you the chance to take part in other projects in the offence & defense areas and to develop skills in the cybersecurity domain. If you have a curious mindset and an interest in malware engineering, we would be glad to have you on our UD team.

Type of employment contract: Full-time position

Starting date of the contract: As soon as possible

Location: Lviv office (remote is available, but only for very mature candidates). We provide relocation support + 1 month of free apartment

Send CVs to [email protected]

Qualifications:

Level of English: Intermediate+

Preferred Experience: Reversing malicious samples and the ability to clearly explain their behavior

Technical skills:

  • Strong understanding of MITRE/TTPs/IoAs/IoCs
  • C/C++, Bash, Python, PowerShell
  • Cryptography: understanding of basic principles, encoding, hashing
  • UNIX operating system concepts
  • YARA rules experience
  • OS virtualization: VMware, virtual machines
  • Assembly language knowledge, at least basic
  • Working with sandboxes and the ability to analyze their results, e.g. Cuckoo Sandbox, Any.Run, Joe Sandbox, etc.
  • Experience working with IDS
  • MITRE matrix knowledge

Tools:

  • Network: strong knowledge of Wireshark, tcpdump, etc.
  • Experience working with reverse engineering tools (IDA, Ghidra, Hopper, etc.)
  • Experience with debuggers: gdb, lldb, etc.
  • Experience working with system monitoring tools: ProcMon, Sysmon (Windows), auditd (Linux), Monitor.app, FortiAppMonitor (macOS)
  • Experience working with osquery and analyzing its output
  • Experience with tracing tools: dtrace, dtruss, etc.
  • Working with VirusTotal, VirusShare, VirusBay in order to find new threats

Will be a plus:

  • DB: experience working with MongoDB and SQL
  • Working with big data analysis tools like Splunk and ELK
  • Exploit development knowledge
  • Digital forensics experience

What we offer:

  • Growth, really fast growth
  • Good salary + really challenging projects
  • Brilliant team
  • Great conditions for education and development within the company
  • Paid vacation and sick leave
  • Paid certifications and courses
  • Internal training and workshops
  • Work-rest balance support (foosball, workout station)
  • English courses

Please send your CVs to [email protected]

Senior Penetration Tester / Security Engineer (Poland)

Qualifications:

  • Technical skills: Web/Mobile security, Network Security, Windows domain, UNIX/Linux; basic experience in Reverse Engineering is a plus.
  • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as OWASP Risk Rating Methodology.

Preferred Experience:

  • eWPT, OSCP or other related security certifications
  • Love to code in Python, .NET, or similar languages

Responsibilities:

  • Do penetration tests of applications and networks against a wide array of technologies and platforms
  • Create detailed penetration testing reports which explain identified technical and logical security findings, describe potential business risks, and present prioritized recommendations
  • Understand, review and interpret vulnerability assessments
  • Help design a Secure SDLC in a mixed waterfall/agile environment (OWASP SAMM)
  • Hands-on performance of specialist appsec processes in the SDLC (design review, Java code review, testing, etc.)
  • Help properly set up automation in CI/CD (so HP Fortify / HP WebInspect suck less)
  • Basic performance testing to ensure the system’s availability (optional)
  • Contribute to the ongoing enhancement of the company’s penetration testing assessment capabilities
  • Collaborate and share knowledge internally
  • Ability to think outside the box and simulate adversarial approaches

What we offer:

  • Growth, really fast growth
  • Good salary + really challenging projects
  • Brilliant team
  • Paid vacation and sick leave
  • Paid certifications and courses
  • Internal training and workshops (conferences, workshops, training, etc.)
  • English courses
  • Work-rest balance support (foosball, workout station)

Please send your CVs to [email protected]


That’s our TEAM, because Together Everyone earns More
