Luxoft

Security Engineer - Advanced Threat Response

Posted: Oct 28, 2025

Job Description

Project description

Join our Development Centre in Bucharest and become a member of our open-minded, progressive and professional team. In this role you will be working for one of our world-famous clients.

The Chief Security Office (CSO) of our client comprises the Chief Information Security Office (CISO) and the Corporate Security unit. The CISO organization guarantees information security for our client.

The current initiatives are centered on enhancing cybersecurity capabilities across several critical domains: Threat Intelligence, Advanced Persistent Threats (APTs), Red Team Operations, Forensics and Malware Analysis. These projects are designed to strengthen the organization's defense systems and enhance response strategies against complex cyber threats.

We are looking for candidates with strong engineering experience in the areas mentioned above to assist in evaluating and selecting the most effective tools. The roles include implementing the chosen solutions, migrating to different platforms and integrating them with already existing systems to ensure a smooth transition and improved security posture.

On top of an attractive salary and benefits package, Luxoft will invest in your professional training and allow you to grow your professional career.

Responsibilities

We are looking for a Security Engineer to join the Engineering organization, focused on Threat Simulation and Threat Intelligence capabilities to enable continuous, automated adversary emulation and high-fidelity detection.

You will manage onboarding, migration and integration of tools, conduct POCs to choose the best solutions, collaborate with vendors and stakeholders, and enable Purple/Red Team testing by delivering engineered platform configurations and data feeds.

Key responsibilities:

  • Implement and maintain TI and adversarial-simulation tools
  • Deploy use-case specific configurations (detection scenarios, simulation playbooks, collectors etc.) end-to-end
  • Execute tool migrations under guidance
  • Support technical POCs: prepare test environments, run defined experiments, collect and validate telemetry and produce technical findings
  • Collaborate with vendors, security architects, engineering and other stakeholders to deliver integrations and resolve operational issues
  • Support purple/red teams to deploy infrastructure and simulation content and ensure telemetry capture for validation
  • Integrate and normalize new TI feeds into the detection pipeline
  • Produce and maintain runbooks, onboarding guides, architecture diagrams and other required checklists

Skills

Must have

  • 2-5+ years in security engineering, threat intelligence operations or adversary simulation support
  • Strong Linux administration skills (system hardening, service management, troubleshooting, network tuning, secure baseline implementation, service orchestration)
  • Practical Cloud management know-how with CI/CD pipeline design and implementation experience
  • Hands-on experience integrating security tools with SIEM/data lake and building/hunting pipeline components
  • Experience supporting other teams' testing or translating offensive activities into detection content
