Senior Security Operations Center Engineer / Detection & Automation
Strength. Care. Growth
A1 Competence Delivery Center (CDC) is a vital component of A1’s
telecommunications business. Acting as an expertise hub, CDC is
dedicated to delivering a full range of high-quality IT, network,
financial and other services to support A1’s operations across all
OpCos, independent of location.
Using the power of being OneGroup and leveraging synergies, CDC
enables transparency of resources, expansion of key skills and
knowledge, and enhanced personal career growth opportunities,
paired with job stability.
We are expanding the IT Services Division of the A1 Competence
Delivery Center. Be part of this exciting journey!
You’ll know A1 Bulgaria is the right place for you if you are
driven by:
Opportunities to learn and build your career;
Meaningful work in a stable and fast-paced company;
Diversity of people, projects, and platforms;
A supportive, fun, and inspiring place to work.
Aleksandar Mirkovic is looking for a new team member.
As Senior Detection/Automation Engineer, you are responsible for
developing, testing, and improving attack detection use cases on
the basis of the existing SIEM system.
Role insights:
Design and implement advanced detection use cases and correlation
rules in Splunk based on evolving threat landscapes and customer
requirements;
Engineer, maintain, and optimize Splunk and SOAR platforms for
performance, scalability, and security;
Develop and maintain automated workflows to streamline incident
triage, response, and remediation processes;
Collaborate with SOC analysts to fine-tune alerts, reduce false
positives, and improve detection fidelity;
Integrate various data sources and security tools into SIEM and
SOAR platforms to provide enriched context for threat analysis;
Lead or support the development of playbooks and runbooks for
common incident types;
Work closely with threat intelligence, response, and threat hunting
teams to operationalize intelligence and improve response time;
Participate in regular reviews of SOC processes, identifying
opportunities for automation and enhancement;
Provide expertise in troubleshooting, log onboarding, and rule
tuning for supported security platforms;
Contribute to continuous improvement of the SOC's detection and
response capabilities through innovation, research, and tool
development.
What makes you unique:
BSc or MSc in Information Security, Computer Science,
Engineering;
Advanced experience in programming with Python or similar
programming languages;
Advanced knowledge of Splunk;
Advanced knowledge of security-specific frameworks (e.g.
MITRE);
Knowledge of state-of-the-art IT cybersecurity architectures,
hardware, and software implementations for large organizations
using enterprise-based and/or cloud-based environments;
Interest in identifying cybersecurity gaps in IT network and
systems designs or implementations, and in recommending mitigation
strategies to address the identified gaps;
Strong analytical and problem-solving skills with the capability to
identify solutions to unusual and complex problems;
Experience with various forensics and security tools as well as
with the evaluation of log files for the analysis of attacker
behavior is a plus;
Relevant security certifications are a plus;
Knowledge of cloud services (technical and functional),
especially M365, MS Azure and their security modules, is a plus.
Our gratitude for the job done will be eternal, but we’ll also
offer you:
Innovative technologies and platforms to “play” with;
Modern working environment for your comfort;
Friendly, ambitious, and motivated teammates to support each
other;
Thousands of online and in-person learning opportunities to grow;
Challenging assignments and career development opportunities in
a multinational environment;
Attractive remuneration package;
Flexible working schedule and opportunity for home office;
Numerous additional goodies, including, but not limited to, free A1
services, discounts, health insurance and services, sports center,
childcare, team and family events, etc.
Not sure yet? See us in action in our A1 Blog.