Job Description

Booking Holdings (NASDAQ: BKNG) is the world leader in online travel and related services, provided to customers and partners in over 220 countries and territories through six primary consumer-facing brands – Booking.com, KAYAK, priceline, agoda.com, Rentalcars.com, and OpenTable. The mission of Booking Holdings is to make it easier for everyone to experience the world. This role with Booking Holdings will be working closely with our various brands.

As part of this team you will participate in the defense of one of the world's leading e-commerce organizations and have the opportunity to learn and develop skills in a truly world-leading security practice.

The role of Security Engineer - Detection & Response is to build, maintain and constantly improve the efficiency and coverage of the Cyber Detection & Response capabilities. This role focuses on implementing the detection use cases based on their priority (getting the required observability, pipelines, correlation, enrichment and automation in place, and building the underlying integrations and solutions required for them) and making them available to Security Monitoring and Incident Response.

The second focus is to use the engineering toolbox to closely support any need of the SOC teams in automation and response orchestration tools.

B.responsible

[Detection and Response Engineering]
- Responsible for researching and defining technical methods and for hands-on implementation of the detection use cases.
- Puts in place the required observability, pipelines, correlation rules, enrichment and automation, and builds the underlying integrations and solutions required for them.
- Codes and builds scripts.
- Acts as Subject Matter Expert (SME) for all aspects of detection and response, SIEM, SOC, SOAR technology and processes.
- Supports any compliance and maturity assessment (such as NIST, PCI, SoX): provides answers with evidence and creates documentation for that purpose if needed.
- Participates in different security assurance assessments such as Purple Team, Red Team, Attack path map etc.
- Responsible for documenting any work related to detection & response engineering.
- Constantly optimizes alert precision and proactively strives for optimization.
- Proactively seeks to identify opportunities and implements engineering solutions to achieve efficiency gains in Security Monitoring and IR, for example: automation of manual IR activities, creating response orchestration playbooks, creating and maintaining integrations, alert and system tuning, auto field enrichment etc.

[Ongoing Testing, Maintenance & SecDevOps]
- Responsible for ensuring the reliability, availability, effectiveness, quality and resilience of all the tooling, pipelines, technology and detection engineering used in Booking.com SOC teams, and for urgently fixing any problems.
- Responsible for constantly and proactively testing, maintaining, improving, tuning and fixing any detection use cases, alerting rules, integrations, automation, orchestrated playbooks, enrichments and SOAR applications.

B.skilled
- 5+ years of relevant experience.
- Has practical experience and expert knowledge (technical and procedural) in cyber threat detection & incident response, SIEM / SOAR.
- Scripting and automation experience: python, bash, git (CI/CD, Puppet/Ansible - big advantage).
- Has experience and practical knowledge in modern attacker methodologies and in identifying adversary techniques, tactics, and procedures using enterprise security tools.
- Experience with Elasticsearch/Kibana is a must; knowledge of Query DSL and EQL is a big advantage.
- Has an understanding of security control frameworks like MITRE ATT&CK, NIST CSF, PCI DSS, SoX, GDPR, ISO 2700X, etc.
- Robust understanding of IT fundamentals across networking, system, cloud, virtualization platforms and application layers, and advanced understanding of at least one operating system (Windows, Linux, OSX).
- Has SecDevOps experience - big advantage.
- Has knowledge and practical experience with modern compute platforms such as cloud and containers - big advantage.
- Constantly demonstrates ownership and proactiveness in seeking to improve and optimize anything related to their and their team’s work.
- Team player. Collaborates with technology teams on finding the right solutions to existing problems.
- Uses stakeholder management and communication skills to illustrate the business impact of technical requirements and to navigate upstream teams and stakeholder landscapes to get the dependencies implemented.
- Holds a ‘Can-Do’, delivery-focused and solution-oriented approach; is flexible, practical, proactive and holds a positive mindset. Is quick to adapt to changing situations.

B.offered
- This position is open to candidates worldwide; we provide visa and relocation assistance.
- Contributing to a high-scale, complex, world-renowned product and seeing the real-time impact of your work.
- Working in a fast-paced and performance-driven culture.
- Career advancement via online and on-the-job training, hackathons, conferences and active community participation.
- Competitive compensation and benefits package and some great added perks of working at Booking.com.

All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

Security Engineer - Detection & Response in Bucuresti
Listing expired