Using CaaS (Codeless-as-a-Service) to accelerate time-to-market & eliminate legacy code for the enterprise 🚀
Security Operations Analyst
Location
United States
Posted
7 days ago
Salary
$70K - $100K / year
Seniority
Senior
Job Description
Security Operations Analyst
Unqork
- Security Monitoring & Alert Triage: Actively monitor SIEM, EDR/XDR, and other security tools to detect, analyze, and triage security alerts. Follow established playbooks to ensure timely and accurate initial response to potential threats.
- Process Efficiency & Automation: Utilize existing Security Orchestration, Automation, and Response (SOAR) platforms to handle alerts efficiently. Identify repetitive manual tasks and implement automations.
- SIEM & Detection Engineering: Integrate and set up the ingestion of log sources into a SIEM tool, including the normalization of fields and data. Create timely monitoring solutions for relevant threats based on active threat intelligence. Share responsibility for detection and log lifecycle / maintenance.
- Threat Intelligence: Consume and review daily threat intelligence feeds, security advisories, and industry alerts to ensure the company is protected against known Indicators of Compromise (IoCs) and emerging threat trends.
- IT Operations & Asset Security: Work closely with IT Operations to maintain accurate hardware and software asset inventories. Assist in deploying and troubleshooting endpoint security agents to ensure a secure baseline for all employee devices.
- Cross-Functional Technical Partnership: Collaborate extensively with resources in Engineering, Product, IT, and other departments to embed operational security requirements, influence architectural decisions for detectability, and foster a strong security culture. Serve as the primary security technical expert for these partnerships.
- Compliance & Operational Reporting: Assist in generating routine security metrics and operational reports. Help gather technical evidence to support adherence to security policies and compliance audits (e.g., SOC 2, ISO 27001).
Job Requirements
- 3+ years of progressive experience in Security Operations, with at least 2 years in a role contributing to a Security Operations Center (SOC), Managed Detection Response Service, or Incident Response team.
- Proven track record as an engineer, having designed, implemented, and managed mature SOC processes and automations.
- Proven hands-on technical expertise in threat detection, incident response, vulnerability management, and the use of SIEM, EDR/XDR, and other security monitoring platforms, as well as IAM solutions and processes.
- Strong understanding of modern security threats, attack vectors, and defensive strategies.
- Expertise in security frameworks (e.g., NIST, MITRE ATT&CK) and their practical application in threat detection, analysis, and incident response.
- Exceptional communication and interpersonal skills, with the ability to influence and effectively collaborate with technical and non-technical stakeholders at all levels, including executive leadership.
- Demonstrated ability to translate complex operational security incidents and risks into clear, actionable strategies and communicate effectively to diverse audiences.
- Relevant industry certifications highly preferred (e.g., CISSP, CISM, GCIH, GCIA, or OSCP).
- Bachelor's degree in Computer Science, Information Security, or a related technical field; Master's degree a plus.
Benefits
- 💻 Work from home with a remote-first community
- 🏝 Unlimited PTO (and the encouragement to use it)
- 📝 Student loan payback program
- 🏥 100% employer-covered medical, dental, and vision options available to you and your dependents
- 💸 Flexible Spending Account (FSA)
- 🏠 Monthly stipend toward your WFH setup, vacation, development and more
- 💰 Employer-sponsored 401(k) with contribution match
- 🏋🏻♀️ Subsidized ClassPass Membership
- 🍼 Generous Paid Parental Leave
More Security Operations Jobs
- Analyze, classify, and investigate security alerts, incidents, and suspicious activity (L2/L3)
- Develop and optimize correlation rules, threat detection scenarios, dashboards, alerts, and reports in the SIEM
- Integrate new log sources into the SIEM, configure parsers and event normalization
- Develop use cases and incident response playbooks
- Work with the infrastructure and network teams
- Prepare incident reports, technical findings, and recommendations
- Take part in PoC/pilot evaluations of SIEM solutions, the assessment of new tools, and the development of the SOC architecture
Project Manager – Security Operations
Turner & Townsend
A global consultancy business serving clients in the real estate, infrastructure and natural resources sectors.
- Act as the Physical Security Point of Contact for EV-charging projects.
- Establish and maintain detailed project schedules.
- Ensure all security deliverables and installations align with the construction or project delivery timeline.
- Work closely with Security stakeholders to secure necessary approvals for designs, risk level identification, security guard planning, and hardware deviations.
- Manage project delivery across diverse sites within the US and EMEA regions.
- Proactively identify potential blockers and escalate issues to leadership with proposed solutions.
- Manage stakeholders including architects, engineers, and supply chain to deliver compliant projects.
- Produce formal project status reports and other reports as required.
Senior Security Operations Engineer
Climb Channel Solutions NA
A different breed of specialty technology distributor. #ClimbWithUs
- Lead the development, rollout, and operations of security operations tools and services such as SIEM, EDR, NDR, email, and cloud; build detection rules, automated playbooks, and integrations.
- Serve as a technical resource for security operations analysts; conduct design reviews and provide engineering guidance on detection and response workflows.
- Apply a detections-as-code approach: version-controlled, peer-reviewed, and tuned against alert quality metrics.
- Architect and implement security engineering capabilities, including endpoint security, data loss prevention, email security, network security, SIEM enhancements, detection engineering, and security automation.
- Partner with cross-functional teams to perform threat modeling and embed security requirements in the development lifecycle.
- Research, evaluate, and operationalize security products and services (including AI-enabled platforms), building proof-of-concept integrations, providing recommendations or deferrals on adoption, and driving adoption across the security stack.
Security Operations Engineer
Unit4
Role Description
The Unit4 Global Cloud Operations Team is seeking a skilled Security Operations Engineer to join our international team. As part of this dynamic team, you will play a key role in maintaining the security and integrity of our cloud infrastructure and environments. You will monitor security systems, analyze threats, and manage security incidents from detection through resolution, ensuring a robust defense against emerging threats.
Key Responsibilities
- Continuous Monitoring: Continuously monitor cloud environments for potential security threats.
- Threat Analysis: Analyze security alerts and logs to identify suspicious activities.
- Incident Response: Lead response efforts during security incidents, including containment, eradication, and recovery.
- Investigation: Investigate security breaches and identify root causes.
- Post-Incident Review: Conduct post-incident analysis to suggest improvements.
- Documentation: Document security incidents and maintain detailed records.
- Customer Incident Handling: Act on security incidents reported by customers or identified proactively.
- Policy Adherence: Follow established security policies and procedures.
- System Maintenance: Monitor and maintain security systems such as firewalls, intrusion detection and prevention systems, and SIEM systems.
- Preventative Measures: Implement security measures to prevent future incidents.
- Staying Current: Stay up-to-date with the latest security trends and technologies.
Qualifications
- 3+ years of relevant experience in security monitoring, analysis, and incident response.
- Knowledge and experience in hardening operating systems and other environments/systems.
- Knowledge and experience with security-related group policies and their implementation.
- Knowledge of forensic analysis and incident management tools.
- Familiarity with SIEM tools and security incident management.
- Strong analytical and problem-solving skills.
- Excellent communication skills, both written and verbal.
- Ability to work under pressure and manage multiple incidents simultaneously.
- Understanding of security policies and procedures.
- Experience with firewalls, intrusion detection/prevention systems, and SIEM systems.
Requirements
- Familiarity with Microsoft Azure and Microsoft certifications.
- Experience with AWS.
- Experience with scripting languages (e.g., PowerShell) for automation.
- Knowledge of networking and PKI infrastructure.
- Basic Linux skills.
Benefits
- A culture built on trust and accountability, giving you the freedom and autonomy to be successful and make an impact.
- Balance, with our Flexible Leave Paid Time Off policy, remote working opportunities, Global Wellbeing Days, and other great benefits.
- Growth opportunities: we provide the tools and guidance required so that you can focus on what really matters to you and, ultimately, achieve your best work.
- Talented colleagues, role models and mentors: work, learn and be inspired by some of the best talent in the software industry.
- A commitment to sustainability, with initiatives such as our Environmental, Social, and Governance strategy and Act4Good programme.
- A safe and inclusive working environment, supported by our Employee Resource Groups, which are open to all.