Yandex Cloud is essentially a large set of complex, high-load applications of our own development: various APIs, task processors, schedulers, as well as a control plane with complex business logic and a fast data plane, where server security-related components dominate. Come to us to investigate and analyze incidents and identify information security threats.

What tasks await you

Monitor and analyze information security events to identify threats We live in turbulent times, and it is critical to maintain the security of Yandex Cloud customers and their data. We have a powerful protection system deployed, and you will need to respond to its signals to instantly identify and stop any threats.

Create new and improve existing rules for monitoring and event correlation systems A security system is nothing without rules. Many have already been written, but many more are yet to be written. Each rule performs differently, and sometimes adjustments need to be made.

Handle incidents in the internal IRP system, analyze them, and draw conclusions Unfortunately, incidents do happen sometimes. It is important to investigate them, prevent damage, and most importantly — draw conclusions and take measures that will prevent repeated occurrences.

More about security at Yandex — in the Yandex for Security channel

We expect you to

Understand the methods, tools, and processes for handling information security incidents
Be capable of acting independently and proactively
Possess basic knowledge of modern threats, attack methods, tools, and techniques, as well as methods and tools for their detection and response
Be familiar with the structure of network protocols, the architecture of modern operating systems, and have an understanding of modern technologies in information security
Have worked with Windows and UNIX systems
Be familiar with SQL and Python languages
Be ready to work on a shift schedule (Day 1: 9:00 – 21:00, Day 2: 21:00 – 9:00, 2 days off)
Know how to communicate with people
Are responsible and careful with tasks, understand their importance
Are patient, ready for routine work
Want to develop and work in a team

Will be a plus

Have worked with Datalake
Understand the principles of SIEM systems
Know what Threat Intelligence and Threat Hunting are
Have a general understanding of MITRE ATT&CK

Contacts

What tasks await you

We expect you to

Will be a plus

Similar vacancies

SOC L2 Analyst

Principal Use Cases Expert

SOC Analyst L3

Security Researcher/Analyst - anti-malware product (Web Protection Team), remote

Head of Anti-Fraud Direction

SOC L2 Analyst

Anti-Fraud Analyst (Information Security)

Threat Hunter | Windows Empire Defender

Engineer for the Security Team of Verticals

Information Security Manager at Yandex Cloud

Infrastructure Information Security Team Engineer

ML Analyst for the Cybersecurity Team

SecOps Duty Analyst at Yandex Cloud

Key Skills

Details