Skip to main content

vacancy: Security Use Case Developer

We are looking for a Security Use Case Developer to identify and mitigate security threats while proactively enhancing our security posture.

Apply

About the Job

As a Security Use Case developer, you'll have a critical role within our organization's Group Cyber Defense Center, ensuring an outstanding coverage against security threats of our systems and data. In this role, you will have the opportunity to identify and mitigate security threats while proactively enhancing our security posture. Your primary responsibility will be the creation and management of use cases within our Security Information and Event Management (SIEM) system, which is vital for strengthening our threat detection capabilities. Another key feature is the automation of security detection use cases. Additionally, you will be expected to apply your knowledge of known security frameworks like MITRE ATT&CK to enhance our threat detection and response strategies.

The core facts

  • Use Case Development: Collaborate with the security team to design, create, and fine-tune custom security use cases within our SIEM platform to detect potential security incidents and vulnerabilities effectively
  • MITRE ATT&CK Framework: Leverage your knowledge of MITRE ATT&CK to align threat detection strategies and response techniques with industry best practices, enhancing our ability to detect and thwart advanced threats
  • Threat Intelligence: Stay abreast of the evolving cybersecurity landscape, incorporating the latest threat intelligence into SIEM use cases and MITRE ATT&CK matrices to bolster our detection and response capabilities
  • Security Log Analysis: Analyze security logs and data from various sources, identifying anomalies and patterns that could signify security breaches or weaknesses
  • Vulnerability Management: Collaborate with IT and operations teams to identify detection rules scenarios and exploits indicators
  • Security Policy Compliance: Ensure that security policies and procedures are consistently adhered to across the organization, making recommendations for enhancements as necessary
  • Documentation: Maintain comprehensive documentation related to SIEM use cases, incident response protocols, and security best practices, with an emphasis on MITRE ATT&CK techniques and mappings
  • Collaboration: Work closely with cross-functional teams to foster a culture of security awareness and contribute to our overall security strategy

Your core competencies

  • Education: A bachelor's degree in computer science, information technology, cybersecurity, or a related field is preferred
  • Experience: A minimum of 2-3 years of hands-on experience in a security analyst role, with a focus on SIEM use case development, security incident response, and knowledge of the MITRE ATT&CK framework. Strong knowledge about Operating Systems, Databases, Networking. Experience in red teaming/pentesting, would be consider an advantage
  • SIEM Proficiency: Demonstrated proficiency in working with SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight) and creating custom detection rules, alerts, dashboards
  • Cybersecurity Knowledge: A strong foundation in cybersecurity principles, including an understanding of common threats, vulnerabilities, and attack vectors
  • MITRE ATT&CK Expertise: Knowledge of the MITRE ATT&CK framework, including its tactics, techniques, and procedures (TTPs), and the ability to apply this knowledge to enhance our threat detection and response strategies
  • Analytical Skills: Excellent analytical and problem-solving abilities to identify and respond effectively to security incidents
  • Communication: Strong verbal and written communication skills for documenting findings, creating reports, and collaborating with team members and stakeholders
  • Attention to Detail: A keen eye for detail to identify subtle signs of security threats and vulnerabilities

Our benefits

We provide a work environment that offers the necessary flexibility and support for your success both professionally and personally.

A group of individuals sitting around a table, engrossed in work, with a laptop and a cup of coffee, creating a productive work atmosphere.

Work Atmosphere

We value individuality, we focus on respect and we enhance socializing.

Work Atmosphere

We value individuality, we focus on respect and we enhance socializing.

Our company adopts a flat organizational structure and adheres to agile methodology. We value individuality and we don’t have a dress code. We hold team-building events and office gatherings to foster connections and enhance socializing among our employees.
Yellow background with four clocks symbolizing working hours.

Working Hours

We value flexibility.

Working hours

We value flexibility.

Our work schedule provides flexibility, we can start anytime between 8:00 a.m. to 10:00 a.m., and we also provide the option of a remote work model.
An icon of a building with a man on top. Where you can find us.

Where you can find us

Our location is easily accessible and offers access to various points of interest.

Where you can find us

Our location is easily accessible and offers access to various points of interest.

Our workplace is situated in Sky Tower, the tallest skyscraper in Bucharest, near Aurel Vlaicu metro station. This area is home to numerous companies and provides easy access to Promenada Mall, restaurants, and hotels.That’s not all, we have a relaxation space, secure parking for cyclic enthusiasts and a canteen.
A calendar with money and a pen on it, representing financial planning and scheduling.

13th salary

We offer an end-of-year extra payment.

13th salary

We offer an end-of-year extra payment.

In December, the employees who started their employment relationship with us by January inclusive and who have an employment contract in force on the date of payment, will receive the 13th salary. The 13th salary is contingent upon the average gross tariff salary of the prior year, along with the length of service rendered during that period.
Laptop, notebook, coffee cup, and more on yellow background. Ideal for learning opportunities.

Learning Opportunities

We prioritize learning and development.

Learning opportunities

We prioritize learning and development.

We place great emphasis on continuous learning and growth. Our employees can take advantage of various opportunities for development, including training through our internal platform which provides a diverse selection of courses and training programs, along with other on-demand educational resources. Employees are entitled to four days per year to attend courses, trainings, conferences, or workshops to enhance their skills and knowledge. Moreover, we offer a budget for courses, trainings, and other paid classes.
An illustration of a wallet, credit card, and other items, showcasing the convenience of Benefit Online.

Benefit Online

We provide resources to focus on your health and well-being.

Benefit Online

We prioritize learning and development.

Benefit Online provides you with the freedom to choose the type of benefit that best aligns with your needs and preferences. The platform offers a wide range of flexible benefits and discounts, which can be purchased from the monthly budget that we provide.

You can choose medical services offered by two top medical suppliers, meal tickets,  private pension, learning and development opportunities, foreign language courses, cultural activities, donations, gifts, and vacation vouchers.

The Benefit platform may also include programs and resources to promote employee health and well-being. This can encompass health and fitness programs, nutritional consulting, stress management programs, and more. Through the platform, you can access resources to help you maintain and improve your health and well-being.
Illustration showing two doctors in conversation regarding insurance.

Health and sickness insurance

We want you to feel safe.

Health and sickness insurance

We want you to feel safe.

As a benefit to all employees, we provide insurance coverage for accidents and sickness. The insurance covers accidents that occur during and outside of working hours, acute and chronic sickness, death caused by accidents, and permanent disability resulting from an accident.
A man engaging in yoga exercises in front of a desk, with the message "Take the time you need.

Take the time you need

We support work-life balance.

Take the time you need

We support work-life balance.

Time off according to seniority :

  • up to 10 years – 23 working days
  • from 10 to 20 years - 25 working days
  • over 20 years – 27 working days

Additional days for various events:

  • 4 days for developing the professional competencies
  • 1 day for unpredicted events
  • 2 days for special events (birthday, anniversary)
  • 5 days for marriage
  • 2 days for child’s marriage
  • 5 days for father of newborns
  • 10 days for fathers who went through the childcare course

The application process

Find the position you like and apply

First, we will review your CV. Second, we will inform you about the next recruitment steps. *only selected candidates will be contacted.

Screening call with our HR (30-60 min)

During this call, we will give you more details about the company, the role and ask you a few questions related to your experience and expectations.

Technical assessment (60 min)

The number of interviews required may vary depending on the role, typically ranging from one to two. During this interview your technical skills will be assessed by the manager.

Final interview/ Meet the team (60-90 min)

This online meeting is an opportunity to assess the compatibility between you and our team. We would like to know you better, understand what you bring to the team from technical and soft skills' perspective. You can meet your future colleagues, gain further insight into the role, ask any questions you may have, and gain a sense of our company culture and atmosphere.

Offer

Once we extend an offer and you accept, we will begin planning your onboarding.

Welcome aboard!

On your first day, you will receive your equipment and be introduced to your team guided by your assigned buddy.