SOC Engineer | SBERMED AI

SOC Engineer

SIEM implementation and operation. Monitoring security events. 3+ years of relevant work experience

Responsibilities

– SIEM implementation and operation;
– connecting event sources and creating normalization rules;
– creating correlation rules;
– playbook development and testing;
– monitoring security events;
– detecting incidents in security events;
– incident response and handling;
– participating in the investigation of security incidents;
– reporting.

Requirements

– 3+ years of relevant work experience;
– knowledge and understanding of the OSI model, the TCP/IP stack, HTTP/HTTPS, DNS, DHCP, ARP and related protocols;
– understanding of modern web applications;
– knowledge of the latest security threats, vulnerabilities and attack techniques, as well as detection and response methods (e.g., using MITRE ATT&CK);
– hands-on experience in identifying and participating in the investigation of security incidents, and in developing recommendations to prevent their recurrence;
– experience in Windows/Linux OS administration and understanding of how they work;
– experience in the investigation of security incidents using IRP/SOAR, SIEM;
– experience in SIEM implementation, connecting event sources and creating normalization and correlation rules;
– experience with playbook development.

Preferred qualifications

– knowledge of scripting languages;
– experience in SOC operations.