Job Description
Hi there!
We are Semrush, a global IT company developing our own product, a platform for digital marketers. New stars are born here, so don't miss your chance.
This is our Security Data Engineer role for those who strive to implement functional processes and drive them to full completion.
Tasks in the role
- Support the Vulnerability Management system by integrating new vulnerability scanners and tuning enrichment, prioritization, and response processes.
- Develop and maintain the security inventory system that processes and stores information about various company assets. This system will be the primary source of truth for scanners used by security analysts in their daily work and during security audits.
- Develop and maintain the Fraud system that analyzes and scores Semrush customer behavior. This system will detect suspicious actions such as account takeovers, card fraud, and promo abuse, and respond to them automatically.
- Assist SOC Analysts with logging by integrating new audit, infrastructure, and production logs. Respond to data incidents and ensure data quality.
- Contribute to the development of internal SOC automation to support various SOC processes, including Incident Response.
Requirements
Who we are looking for
- Minimum 2-3 years of experience with Splunk as an Admin/Developer or in a similar role with SPL (Search Processing Language) knowledge.
- Basic understanding of security principles and tools such as vulnerability scanners, firewalls, SIEM. Understanding of how different security tools and systems generate and process data.
- Expert-level proficiency in Splunk, including the ability to build complex applications, develop custom commands, write advanced searches, and create dashboards with custom behavior using tokens and JavaScript. A deep understanding of Splunk's architecture, data ingestion processes, and search and reporting capabilities is essential.
- Strong proficiency in designing and implementing data pipelines. Thorough understanding of ETL concepts and data schemas (models). Ability to consider business context, including constraints, data volume, and data quality.
- Proficiency in core Python fundamentals and programming. Experience with code packaging, release, and deployment. Familiarity with JavaScript is a plus. Hands-on experience with containerization and orchestration tools, particularly Docker. Knowledge of Kubernetes is beneficial. Solid understanding of CI/CD practices and workflows.
- Ability to tackle challenges like a skilled explorer charting unknown territories. You're comfortable researching problems, finding solutions, and managing your day without constant guidance.
- The knack for collaborating harmoniously, like musicians in an orchestra. You're adept at working toward shared goals, valuing collective success over individual triumph.
- The skill to manage your tasks and projects effectively, like a seasoned conductor leading an orchestra. You can seamlessly coordinate multiple responsibilities and deliver results on time.
Not required, but a plus
- Having a passion for security or prior experience in the field is like having a secret superpower. Think of it as being a digital detective, always one step ahead of the bad guys.
- Splunk certifications are highly valued here. If you have any, especially the Developer or Architect badge, you're practically royalty in our eyes. It's like having a golden ticket to Willy Wonka's chocolate factory, but for data.
- If you've got a knack for design and can transform raw data into eye-popping metrics, insights, and dashboards, you're our kind of wizard. We're looking for someone who can turn boring numbers into a visual feast that even non-techies will drool over.
- You share our common values: Trust, as we prefer to speak up and be our true selves; Sense of Ownership, as it's not worth wasting time on something you don't believe in; and enthusiasm for Constant Change, as we are always looking to make things better.
A bit about the team
You can get to know the team better at one of the interviews, but some brief information about future colleagues will be useful now.
The Security Operations Team specialises in protecting company assets by identifying, preventing, detecting, and responding to security events that target the business and Semrush's users. Focusing on the operational aspect of security, we are responsible for improving Semrush's security capabilities and metrics, particularly in the areas of security anomaly/event detection, incident response, and abuse of .
We will try to create all the right conditions for you to work and rest comfortably
- It's up to you to decide what work format works best for you. You can #wfo, #wfh or mix both.
- Flexible working day start
- Unlimited PTO
- Hobby benefit
- Breakfast, snacks and coffee at the office
- Corporate events
- Training, courses, conferences
- Gifts for employees
Finally, a little more about our company
Semrush is a leading online visibility management SaaS platform that enables businesses globally to run search engine optimization, pay-per-click, content, social media and competitive research campaigns and get measurable results from online marketing. We've been developing our product for 16 years and have been awarded G2's Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500, and many more. In March 2021 Semrush went public and started trading on the NYSE with the SEMR ticker. users in America, Europe, Asia and Australia have already tried Semrush, and over 1000 people around the world are working on its development. The Semrush team is constantly growing. Our new colleague, we are waiting for you!