About the position
In this role, you will build and manage a live-fire cyber range, design advanced data flows across SIEM and security analytics platforms, automate infrastructure, and work across hybrid cloud environments.
Responsibilities
• Build and manage Sevii’s live-fire cyber range, including CoLo clusters, security tooling, and breach/attack simulators
• Design data flows using Cribl Stream/Edge, Splunk, Chronicle (Google SecOps), Sentinel, and NG-SIEM
• Automate infrastructure and operations using Terraform, Python, and CloudFormation
• Implement Zero Trust architectures (Tailscale, PrivateLink)
• Lead and manage integrations within complex hybrid cloud environments (AWS, Azure, GCP, Proxmox)
Requirements
• 3+ years in security engineering or red/blue team roles supporting production environments
• 2+ years hands-on ownership of CrowdStrike Falcon and/or Microsoft Defender for Endpoint at enterprise scale
• Experience operating CrowdStrike NG-SIEM, Splunk (Enterprise/Cloud/ES/SOAR) or Google SecOps/Chronicle handling >100GB/day ingest
• Proficiency in scripting and automation (Python, PowerShell)
• Experience with RESTful API integrations
• Strong understanding of MITRE ATT&CK, NIST 800-53, and CIS Controls
• Experience mapping detections to control frameworks
• Experience working in hybrid cloud environments (AWS, Azure, GCP, Proxmox)
• Advanced English