Magnet.me  -  The smart network where hbo and wo students find their internship and first job.

This opportunity has expired. It is therefore no longer possible to like or apply.

SOC Platform Architect

Posted 25 Mar 2024
Work experience: 5 to 7 years
Full-time / part-time: Full-time
Job function
Degree level
Required languages: English (Fluent), Dutch (Fluent)

Our team & you

Our Cyber Security team protects VEON in its digital journey of transformation from a pure telecom operator into a world-class telecommunication and digital service provider driven by a vision to unlock new opportunities for 10% of the world’s population. Protection of our Customers and Businesses against cyber security threats is one of the top priorities for VEON. The Global Security Operations transformation is to centralize security expertise, knowledge and best practices, implement unified processes and increase efficiency.

You will drive the VEON Global Security Operations transformation in the dynamic and agile VEON environment with your personal leadership, entrepreneurial spirit and expertise. This is an opportunity for you to be part of something big and transformative, and to play a critical role in driving our success.

Within 30 days, you'll...

· Understand VEON’s vision, strategy, culture and values

· Deep dive into VEON’s existing security organizational structure, governance and technology stack

· Review existing security policies, procedures and established processes

· Build strong relationships with Operational Companies Security teams

· Understand the strategy of VEON’s global distributed security operations

· Deep dive into VEON security posture, risks, threats and assets

· Review existing SOC platform architecture and design

· Review G-SOC AWS infrastructure, network design, security controls and operational procedures

· Review G-SOC operational model, involving multi-tiered outsourcing parties

Within 90 days, you’ll...

· Take over G-SOC platform and AWS infrastructure operational activities (platform maintenance, health and resource utilisation monitoring, troubleshooting, administration, etc.), manage and control outsourcing partners.

· Optimize G-SOC infrastructure focusing on security, availability and cost-effectiveness of utilized resources, software licenses and operations (full-stack AWS infrastructure, hybrid ArcSight, Kafka, ELK SIEM, Splunk Phantom SOAR with multiple Python API integrations).

· Develop operational instructions and playbooks for L1 monitoring on SOC platform service degradation, outage, performance issues (CloudWatch, Beats, Nagios, ELK, etc.), outsourcing partners, ensuring end-to-end SOC operational performance.

· Establish network and platform integration points with all Operational Companies, with guidance and hands-on support during initial on-boarding based on the defined G-OPCO Blueprint, troubleshooting and optimisation.

· Establish operational processes and procedures (e.g. change management, fault and performance monitoring, etc.), document G-SOC service management

Manage and control outsourcing partners based on developed governed by OLA/SLA

· Develop SOC platform design for Operational Companies, guide and support OPCOs during its implementation

· Develop G-SOC development roadmap aligned with G-SOC evolution strategy

· Develop and support new G-SOC services launch with custom integrations development (e.g. REST API, custom flexes, Logstash pipelines, Kafka processors, Python/Bash scripting)

Within 120 days, you’ll...

· Take overall responsibility for G-SOC platform architecture and operational administration/maintenance, aligned with G-SOC development strategy.

A bit about you

· You have experience of building high-volume, multi-tenant processing hybrid next-gen SIEM platforms, with processing capacity, high availability and performance requirements as inputs, to fulfil the needs of multiple internal Customers (e.g. OPCOs).

· You are a DevSecOps engineer experienced in building and running:

o AWS cloud infrastructure (VPC, EC2, S3, Lambda, Route 53, Load Balancer, CloudWatch, Auto Scaling, CloudTrail, Systems Manager, IAM, Secrets Manager, GuardDuty, SSO, Active Directory, WAF, WorkSpaces) with HA/resilience requirements

o High-volume ingestion pipeline built of hybrid load balancing (AWS, HAProxy, ArcSight LB), Kafka Message Broker Clusters Processing API, Logstash pipelines, ArcSight Flex/Smart Connectors

o ArcSight SIEM full-stack (ADP all modules, ESM)

o Elasticsearch cluster (hot, warm, cold architecture + ingestion and ML)

o Splunk Phantom (or any other SOAR equivalent)

o Both Linux (RHEL, CentOS) and Windows administration

o Python, Bash, PowerShell scripting

o Infrastructure orchestration (e.g. Ansible)

· You have experience with integration of different log sources: application logs, OS (Windows, Linux, Sun Solaris, etc.) logs, network traffic, HIDS/NIDS, FW, IAM/IDM and other security systems

· You are familiar with the Cyber Kill Chain, ATT&CK and CAPEC frameworks, and with attacker tactics/techniques/tools, as required for content development (ArcSight/Elastic).

· You have strong knowledge of information systems security concepts and current information security technologies, trends and practices.

· You have experience integrating security tools through scripting, using APIs and improving existing processes through automated methods

· Certifications such as the following are a plus:

o AWS Certified Solutions Architect/Developer/SysOps Administrator

o ArcSight Advanced ESM Administrator, Designing and implementing ArcSight Solutions

o Elastic Certified Engineer

o GIAC GCUX, GCWN, GCDA, GMON

o CISSP

· You have 5 years of work experience, of which 3 years' experience in similar positions.

· You have a bachelor's degree in Information Security, Computer Science or other technical field, or equivalent technical experience.

· You are fluent in English and preferably also in Russian and you are able to work in an international context with excellent communication skills.

· You are able to work independently in a heavily demanding, fast-paced and dynamic global environment, while building your relationship with your peers in the Operational Companies and maintaining your focus on the defined priorities.

· You are willing to travel to VEON OpCos up to 25% of your time to support them during the implementation phases and for monitoring their progress.

The company acts as an operator with more than 40 million customers. With its worldwide operation, it has become one of the biggest operators in Russia! It has just signed a contract with a Viet Nam partner to establish the 7th GSM operator in VN.

Telecom
Amsterdam
500 employees