Backend Developer
генерация резюме под вакансию
сопроводительное письмо
описание
Acronis is a global leader in cyber protection, delivering AI-powered solutions for managed service providers through a natively integrated platform that unifies operations management, cybersecurity, and data protection. The company provides an all-in-one solution designed to protect, manage, and automate workloads for businesses worldwide.
задачи
- Own and optimize the Elastic Security platform including Elasticsearch, Kibana, Fleet, Logstash, and Elastic Agents;
- Design and maintain ingestion pipelines for cloud, endpoint, network, and application telemetry;
- Improve telemetry quality, data retention, performance, and investigation workflows;
- Integrate SIEM workflows with SOAR and automation tooling;
- Build and maintain a Detection-as-Code pipeline using Git-based workflows and CI/CD automation;
- Develop, test, tune, and maintain high-fidelity detections using Elastic Security, EQL, and KQL;
- Reduce alert noise through tuning, enrichment, suppression, and exception handling;
- Map detections to MITRE ATT&CK and drive detection coverage strategy;
- Track detection quality metrics including alert fidelity, false positive rates, and coverage gaps;
- Assist with complex alert escalations and perform initial incident scoping;
- Execute initial containment actions such as endpoint isolation, blocking, and account suspension;
- Participate in a low-frequency on-call rotation for critical incidents;
- Translate incident learnings into improved detections and telemetry coverage;
- Partner with infrastructure, DevSecOps, and cloud teams to improve logging and visibility;
- Build automation and tooling using Python and/or PowerShell;
- Support purple team exercises and adversary simulations.
требования
- 5+ Years of cybersecurity engineering experience;
- 3+ Years focused on SIEM engineering, detection engineering, or security analytics;
- Strong hands-on experience with Elastic Security and the Elastic Stack;
- Experience building or maintaining Detection-as-Code workflows using Git and CI/CD pipelines;
- Strong understanding of detection tuning, alert fidelity, and operational detection quality;
- Ability to independently investigate complex alerts and produce actionable findings;
- Proficiency in Elastic Security, Kibana, Fleet, Elastic Agents, EQL/KQL;
- Expertise in detection engineering and MITRE ATT&CK mapping;
- Experience with Jenkins, Bitbucket Pipelines, GitHub Actions, or similar CI/CD tooling;
- Proficiency in Python and/or PowerShell scripting;
- Knowledge of AWS CloudTrail, VPC Flow Logs, Azure Monitor, or similar telemetry sources;
- Understanding of TCP/IP, DNS, HTTP/S, and common attack patterns;
- Experience with threat intelligence enrichment and operationalization;
- Nice to have: SOAR playbook development and automated response workflows, Sigma rule development, Elastic detection-rules ecosystem familiarity, Terraform or Ansible experience, previous SOC or Incident Response background.
условия
- Competitive compensation;
- Comprehensive benefits package including medical, dental, and vision coverage;
- Flexible spending accounts (FSA);
- Disability and life insurance;
- 401(K) retirement plan with company match;
- Generous vacation policy.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.