SOC Platform Architect

Amsterdam, The Netherlands
VEON – Engineering & Technology
Fixed Term
Learn below about your first 30, 60 and 90 days in your next role. Apply and join us now!

Our team & you
Our Cyber Security team protects VEON in its digital journey of transformation from a pure telecom operator into a world-class telecommunication and digital service provider driven by a vision to unlock new opportunities for 10% of the world’s population. Protection of our Customers and Businesses against cyber security threats is one of the top priorities for VEON. The Global Security Operations transformation is to centralize security expertise, knowledge and best practices, implement unified processes and increase efficiency.
You will drive the VEON Global Security Operations transformation in the dynamic and agile VEON environment with your personal leadership, entrepreneurial spirit and expertise. This is an opportunity for you to be part of something big and transformative, and to play a critical role in driving our success.
 
Within 30 days, you'll...
 
·       Understand VEON’s vision, strategy, culture and values
 
·       Deep dive into VEON’s existing security organizational structure, governance and technology stack
 
·       Review existing security policies, procedures, established processes
 
·       Build strong relationships with Operational Companies Security teams
 
·       Understand the strategy of VEON’s global distributed security operations
 
·       Deep dive into VEON security posture, risks, threats and assets
 
·       Review existing SOC platform architecture and design
 
·       Review G-SOC AWS infrastructure, network design, security controls and operational procedures
 
·       Review G-SOC operational model, involving multi-tiered outsourcing parties
 
 
Within 90 days, you’ll...
 
·       Take over G-SOC platform and AWS infrastructure operational activities (platform maintenance, health and resource utilisation monitoring, troubleshooting, administration, etc.), manage and control outsourcing partners.
 
·       Optimize G-SOC infrastructure focusing on security, availability and cost-effectiveness of utilized resources, software licenses and operations (full-stack AWS infrastructure, Hybrid ArcSight, Kafka, ELK SIEM, Splunk Phantom SOAR with multiple Python API integrations).
 
·       Develop operational instructions and playbooks for L1 monitoring on SOC platform service degradation, outage, performance issues (CloudWatch, Beats, Nagios, ELK, etc.), outsourcing partners, ensuring end-to-end SOC operational performance.
 
·       Establish network and platform integration points with all Operational Companies, with guidance and hands-on support in the course of initial on-boarding based on the defined G-OPCO Blueprint, troubleshooting and optimisation.
 
·       Establish operational processes and procedures (e.g. change management, fault and performance monitoring, etc.), document G-SOC service management

Manage and control outsourcing partners based on developed governed by OLA/SLA
 
·       Develop SOC platform design for Operational Companies, guide and support OPCOs in the course of its implementation
 
·       Develop G-SOC development roadmap aligned with G-SOC evolution strategy
 
·       Develop and support new G-SOC services launch with custom integrations development (e.g. REST API, custom flexes, Logstash pipelines, Kafka processors, Python/Bash scripting)
 
Within 120 days, you’ll...
 
·       Take overall responsibility for G-SOC platform architecture and operational administration/maintenance, aligned with G-SOC development strategy.
 
 
A bit about you
 
·       You have experience of building high-volume multi-tenant processing hybrid next-gen SIEM platforms with processing capacity, high availability and performance requirements as inputs to fulfil the needs of multiple internal Customers (e.g. OPCOs).
 
·       You are a DevSecOps engineer experienced in building and running:
o   AWS cloud infrastructure (VPC, EC2, S3, Lambda, Route 53, Load Balancer, CloudWatch, Auto Scaling, CloudTrail, Systems Manager, IAM, Secrets Manager, GuardDuty, SSO, Active Directory, WAF, WorkSpaces) with HA/resilience requirements
o   High-volume ingestion pipeline built of hybrid Load Balancing (AWS, HAProxy, ArcSight LB), Kafka Message Broker Clusters Processing API, Logstash pipelines, ArcSight Flex/Smart Connectors
o   ArcSight SIEM full-stack (ADP all modules, ESM)
o   Elasticsearch cluster (hot, warm, cold architecture + ingestion and ML)
o   Splunk Phantom (or any other SOAR equivalent)
o   Both Linux (RHEL, CentOS) and Windows administration
o   Python, Bash, PowerShell scripting
o   Infrastructure orchestration (e.g. Ansible)

·       You have experience integrating different log sources: application logs, OS (Windows, Linux, Sun Solaris, etc.) logs, network traffic, HIDS/NIDS, FW, IAM/IDM and other security systems
 
·       You are familiar with the Cyber Kill Chain, ATT&CK and CAPEC frameworks, and attacker tactics/techniques/tools, required for content development (ArcSight/Elastic).
 
·       You have strong knowledge of information systems security concepts and current information security technologies, trends and practices.
 
·       You have experience integrating security tools through scripting, using APIs and improving existing processes through automated methods
 
·       Certifications such as the following are a plus:
o   AWS Certified Solution Architect/Developer/SysOps administrator
o   ArcSight Advanced ESM Administrator, Designing and implementing ArcSight Solutions
o   Elastic Certified Engineer
o   GIAC GCUX, GCWN, GCDA, GMON
o   CISSP
 
·       You have 5 years of work experience, of which 3 years’ experience in similar positions.
 
·       You have a bachelor’s degree in Information Security, Computer Science or other technical field, or equivalent technical experience.
 
·       You are fluent in English and preferably also in Russian and you are able to work in an international context with excellent communication skills.
 
·       You are able to work independently in a heavily demanding, fast-paced and dynamic global environment, while building your relationship with your peers in the Operational Companies and maintaining your focus on the defined priorities.
 
·       You are willing to travel to VEON OpCos up to 25% of your time to support them during the implementation phases and for monitoring their progress.
More about us:
Discover moments of awesomeness and our careers blog -->  http://bit.ly/2lXbUxi
For the latest updates follow us on LinkedIn --> http://bit.ly/2rYhe7O


Do you want to be part of a team that engages with over 220 million customers across 10 rising markets? Do you want to pioneer new experiences to hundreds of millions of customers in the markets of tomorrow? We are doing things never thought possible. 


Working at VEON demands a high standard of business ethics and adherence to our legal obligations, our values and our Code of Conduct and supporting compliance policies and procedures. Our pioneering spirit is embodied in our values to be customer obsessed, entrepreneurial, innovative, collaborative, and truthful. Being truthful requires us to act ethically, honestly, and with integrity.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability or gender identity.
VEON does not accept agency resumes. Please do not forward resumes to our jobs alias, VEON employees or any other company location. VEON is not responsible for any fees related to unsolicited resumes.