сегодня

Backend Developer

выше рынка на 51,1%
вакансия 471 559 ₽
в среднем 312 150 ₽
Загрузи резюме, чтобы видеть мэтчи с вакансией

генерация резюме под вакансию

Загрузи резюме в профиль, чтобы сгенерировать временное CV под эту вакансию

сопроводительное письмо

Загрузи резюме в профиль, а нейросеть определит твою категорию. Затем ты сможешь генерировать сопроводительные письма для вакансий этой категории

описание

Acronis is a global leader in cyber protection, delivering AI-powered solutions for managed service providers through a natively integrated platform that unifies operations management, cybersecurity, and data protection. The company provides an all-in-one solution designed to protect, manage, and automate workloads for businesses worldwide.

задачи

  • Own and optimize the Elastic Security platform including Elasticsearch, Kibana, Fleet, Logstash, and Elastic Agents;
  • Design and maintain ingestion pipelines for cloud, endpoint, network, and application telemetry;
  • Improve telemetry quality, data retention, performance, and investigation workflows;
  • Integrate SIEM workflows with SOAR and automation tooling;
  • Build and maintain a Detection-as-Code pipeline using Git-based workflows and CI/CD automation;
  • Develop, test, tune, and maintain high-fidelity detections using Elastic Security, EQL, and KQL;
  • Reduce alert noise through tuning, enrichment, suppression, and exception handling;
  • Map detections to MITRE ATT&CK and drive detection coverage strategy;
  • Track detection quality metrics including alert fidelity, false positive rates, and coverage gaps;
  • Assist with complex alert escalations and perform initial incident scoping;
  • Execute initial containment actions such as endpoint isolation, blocking, and account suspension;
  • Participate in a low-frequency on-call rotation for critical incidents;
  • Translate incident learnings into improved detections and telemetry coverage;
  • Partner with infrastructure, DevSecOps, and cloud teams to improve logging and visibility;
  • Build automation and tooling using Python and/or PowerShell;
  • Support purple team exercises and adversary simulations.

требования

  • 5+ Years of cybersecurity engineering experience;
  • 3+ Years focused on SIEM engineering, detection engineering, or security analytics;
  • Strong hands-on experience with Elastic Security and the Elastic Stack;
  • Experience building or maintaining Detection-as-Code workflows using Git and CI/CD pipelines;
  • Strong understanding of detection tuning, alert fidelity, and operational detection quality;
  • Ability to independently investigate complex alerts and produce actionable findings;
  • Proficiency in Elastic Security, Kibana, Fleet, Elastic Agents, EQL/KQL;
  • Expertise in detection engineering and MITRE ATT&CK mapping;
  • Experience with Jenkins, Bitbucket Pipelines, GitHub Actions, or similar CI/CD tooling;
  • Proficiency in Python and/or PowerShell scripting;
  • Knowledge of AWS CloudTrail, VPC Flow Logs, Azure Monitor, or similar telemetry sources;
  • Understanding of TCP/IP, DNS, HTTP/S, and common attack patterns;
  • Experience with threat intelligence enrichment and operationalization;
  • Nice to have: SOAR playbook development and automated response workflows, Sigma rule development, Elastic detection-rules ecosystem familiarity, Terraform or Ansible experience, previous SOC or Incident Response background.

условия

  • Competitive compensation;
  • Comprehensive benefits package including medical, dental, and vision coverage;
  • Flexible spending accounts (FSA);
  • Disability and life insurance;
  • 401(K) retirement plan with company match;
  • Generous vacation policy.

Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.

прозрачные зарплаты в IT

Анонимные данные по зарплатам и грейдам

Посмотреть
График динамики зарплат
Откликнуться Добавить в трекер

Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.