APPLY AS
Information Security Engineer - Splunk Architect
Location: Kraków
MAKE HISTORY WITH US!
At PMI, we’ve chosen to do something incredible. We’re totally transforming our business, and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.
As Splunk architect, you will develop detection mechanism and overview our Splunk platform architecture. With your inquisitive mindset and skills to analyze events, you drive and implement new insights from logs to improve our monitoring against cyber threats. As an infosec engineer, you will manage entire lifecycle of security use cases including data onboarding, feature engineering, model development and operationalization to make sure our Splunk infrastructure highly enhances our security posture.
JOIN US!
WHO ARE WE LOOKING FOR?
• Minimum 5 years of experience in security analytics, security engineering or incident response;• Minimum 3 years of experience in designing, implementing and operating Splunk;
• Demonstrated experience in building/optimizing alerts and detecting threats in the early phases of the cyber kill chain using relationship among observed activities;
• Splunk professional certifications (e.g. Splunk Certified Architect, Splunk Enterprise Certified Admin, Splunk Enterprise Security Certified Admin)
WHAT WE OFFER YOU?
•Private medical and dental care, life insurance;•Remote work opportunity and flexible working arrangements;
•Employee pension plan;
•Multisport program;
•Holiday, cultural & Christmas bonus;
•Wide range of trainings, optional language classes, further education and professional qualification support possibility;
•Free bike and car parking for all employees.
HOW CAN YOU MAKE HISTORY WITH US?
• Support administration of the Security Information and Event Management (SIEM) platform in a highly available, redundant, distributed, hybrid cloud computing environment;• Partner with Information Security and other IT teams to continuously onboard new data to Splunk and implement new security monitoring use cases;
• Create and optimize correlation searches and ensure that alerts are fully integrated with the Security Orchestration, Automation and Response (SOAR) platform of the Company;
• Leverage machine learning and data mining techniques to analyze both historical and real-time, large-scale security logs from infrastructure and application systems used within the Company;
• Research new cyber attacks and develop detections rules/models by acquiring suitable data sources, feature engineering and appropriate models
Please note that only on-line applications will be taken into consideration.
Only selected candidates will be contacted.
APPLY ON-LINE IN ENGLISH
Please note that only on-line applications will be taken into consideration. Only selected candidates will be contacted.
Please note that only on-line applications will be taken into consideration. Only selected candidates will be contacted.