hirist

Job Description

Cybersecurity Engineer / SOC Analyst / Lead - Hungary

Experience : 2-12 Years

Location : Hungary (Remote/Hybrid)

About the Role

We are seeking a Cybersecurity Engineer / SOC Analyst / Lead to monitor, detect, investigate, and respond to security threats across cloud and on-premise environments.

This is a multi-level role suitable for professionals with 2 to 12 years of experience, covering threat monitoring, SIEM management, vulnerability assessment, incident response, and cloud security operations.

The scope of ownership grows with experience, but the role remains unified across engineering, analyst, and leadership responsibilities.

Responsibilities :

Security Monitoring & Threat Analysis :


- Monitor, triage, and analyze security events and alerts from SIEM platforms.

- Identify malicious activities, suspicious anomalies, and threat indicators.

- Perform threat hunting using known TTPs aligned with MITRE ATT&CK.

Incident Response & Investigation :


- Execute full incident response lifecycle : detection, containment, eradication, recovery, and reporting.

- Conduct forensic analysis, log reviews, root-cause determination, and evidence collection.

- Coordinate with IT and engineering teams to implement corrective actions.

Vulnerability Management :


- Perform vulnerability scanning and analysis using industry-standard tools.

- Track, prioritize, and remediate vulnerabilities across cloud and infrastructure assets.

- Follow NIST, OWASP, and ISO27001 guidelines for secure configurations and risk treatment.

SIEM Configuration & Optimization :


- Configure, tune, and optimize SIEM platforms such as :

  • Splunk
  • QRadar
  • Azure Sentinel (now Microsoft Sentinel)
- Create detection rules, correlation searches, dashboards, automated alerts, and use cases.

Cloud Security & Infrastructure Protection :

- Secure cloud workloads and services using tools such as :
  • AWS GuardDuty
  • Azure Defender (now Microsoft Defender for Cloud)
- Monitor cloud logs, identity events, and threat alerts across multi-cloud environments.

- Implement best practices for IAM, network security, encryption, and monitoring.
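The detection-rule, identity-event monitoring and ATT&CK-aligned hunting duties listed above are easier to picture with a concrete rule. The block below is an added example, not code from this listing or from any employer: a small correlation rule written in plain Python rather than SPL/KQL so it runs offline. It flags a burst of failed AWS console logins followed by a success from the same source (ATT&CK T1110, Brute Force) and a root console login without MFA (T1078.004, Valid Accounts: Cloud Accounts). The CloudTrail-style records, the threshold and the time window are constructed for illustration.

```python
"""Added example (not part of the hirist listing): a minimal SIEM-style
correlation rule over constructed CloudTrail ConsoleLogin records.

  T1110     Brute Force: at least FAIL_THRESHOLD failed logins for one
            (user, source IP) pair inside WINDOW, then a success from it.
  T1078.004 Valid Accounts: Cloud Accounts: root ConsoleLogin with MFAUsed != Yes.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_THRESHOLD = 3             # hypothetical tuning value
WINDOW = timedelta(minutes=5)  # hypothetical tuning value


def _login(user_type, user_name, ip, when, outcome, mfa):
    """Build one constructed CloudTrail-shaped ConsoleLogin record."""
    ident = {"type": user_type}
    if user_name:
        ident["userName"] = user_name
    return {"eventTime": when, "eventName": "ConsoleLogin",
            "userIdentity": ident, "sourceIPAddress": ip,
            "responseElements": {"ConsoleLogin": outcome},
            "additionalEventData": {"MFAUsed": mfa}}


# Constructed sample data, not real logs.
SAMPLE_EVENTS = [
    # alice: three failures then a success from the same IP -> T1110
    _login("IAMUser", "alice", "198.51.100.7", "2024-05-01T10:00:00Z", "Failure", "No"),
    _login("IAMUser", "alice", "198.51.100.7", "2024-05-01T10:01:00Z", "Failure", "No"),
    _login("IAMUser", "alice", "198.51.100.7", "2024-05-01T10:02:00Z", "Failure", "No"),
    _login("IAMUser", "alice", "198.51.100.7", "2024-05-01T10:03:00Z", "Success", "Yes"),
    # bob: one typo then success -> below threshold, no alert
    _login("IAMUser", "bob", "203.0.113.20", "2024-05-01T10:05:00Z", "Failure", "No"),
    _login("IAMUser", "bob", "203.0.113.20", "2024-05-01T10:06:00Z", "Success", "Yes"),
    # carol: failures 20 minutes before the success -> outside WINDOW, no alert
    _login("IAMUser", "carol", "203.0.113.33", "2024-05-01T09:40:00Z", "Failure", "No"),
    _login("IAMUser", "carol", "203.0.113.33", "2024-05-01T09:41:00Z", "Failure", "No"),
    _login("IAMUser", "carol", "203.0.113.33", "2024-05-01T09:42:00Z", "Failure", "No"),
    _login("IAMUser", "carol", "203.0.113.33", "2024-05-01T10:00:00Z", "Success", "Yes"),
    # root without MFA -> T1078.004
    _login("Root", None, "203.0.113.9", "2024-05-01T10:10:00Z", "Success", "No"),
    # unrelated API call, ignored by the rule
    {"eventTime": "2024-05-01T10:11:00Z", "eventName": "DescribeInstances",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "sourceIPAddress": "203.0.113.20"},
]


def _ts(event):
    return datetime.fromisoformat(event["eventTime"].replace("Z", "+00:00"))


def detect(events):
    """Return findings in chronological order; each carries its ATT&CK ID."""
    findings = []
    recent_fails = defaultdict(deque)  # (user, ip) -> timestamps of failures
    for e in sorted(events, key=_ts):
        if e.get("eventName") != "ConsoleLogin":
            continue
        t = _ts(e)
        ident = e["userIdentity"]
        user = ident.get("userName") or ident.get("type", "unknown").lower()
        ip = e["sourceIPAddress"]
        outcome = e["responseElements"]["ConsoleLogin"]
        q = recent_fails[(user, ip)]
        while q and t - q[0] > WINDOW:   # drop failures older than the window
            q.popleft()
        if outcome == "Failure":
            q.append(t)
            continue
        if outcome != "Success":
            continue
        if len(q) >= FAIL_THRESHOLD:
            findings.append({"technique": "T1110", "user": user, "source_ip": ip,
                             "failures": len(q), "time": e["eventTime"]})
        q.clear()                        # successful login resets the counter
        if ident.get("type") == "Root" and \
                e.get("additionalEventData", {}).get("MFAUsed") != "Yes":
            findings.append({"technique": "T1078.004", "user": user, "source_ip": ip,
                             "failures": 0, "time": e["eventTime"]})
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"{f['time']} {f['technique']:<10} user={f['user']} ip={f['source_ip']}")
```

The same logic maps directly onto a Splunk correlation search or a Sentinel analytics rule: group by user and source IP, count failures over a sliding window, join with the next success, and tag each alert with the ATT&CK technique so hunting and reporting line up with the framework the listing names.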

Identity & Access Management (IAM/PAM) :


- Manage and enforce identity security policies using :

  • Okta
  • CyberArk
- Ensure least-privilege access, MFA enforcement, role-based access, and privileged account monitoring.

Security Tools & Testing :


- Utilize DAST tools such as OWASP ZAP and Burp Suite to detect security weaknesses (both are dynamic scanners; SAST requires a separate source-code analysis tool).


- Support penetration testing, web application scanning, and secure coding feedback loops.

Security Documentation & Governance :


- Maintain documentation of incidents, threat intelligence reports, remediation activities, and runbooks.


- Work with compliance teams to support ISO27001 audits, risk assessments, and security governance tasks.

Collaboration & Continuous Improvement :


- Work with engineering, cloud, DevOps, and IT teams to harden infrastructure security.


- Participate in security reviews, architecture discussions, and change management.

- Continuously improve detection rules, response playbooks, and security automation.

Required Skills :


Security Platforms & Monitoring :


- SIEM tools : Splunk, QRadar, Azure Sentinel


- Threat hunting, security event analysis

- IDS/IPS, firewalls, endpoint detection tools

Incident Response & Vulnerability Management :

- Incident response fundamentals and hands-on triage

- Vulnerability assessment methods and remediation workflows

- Knowledge of malware behaviors, attack vectors, and forensic techniques

Cloud Security :


- AWS security tools : GuardDuty, CloudTrail


- Azure cloud security tools : Azure Defender, Security Center (both now consolidated as Microsoft Defender for Cloud)

- Cloud IAM, key rotation, network segmentation, encryption, logging

Identity & Privileged Access :


- IAM concepts, role-based access, MFA


- IAM/PAM tools : Okta (identity provider / SSO), CyberArk (privileged access), and related identity governance standards

Security Standards & Frameworks :

- MITRE ATT&CK

- NIST Cybersecurity Framework

- ISO27001

- OWASP Top 10 (Web/API security)

Security Testing Tools :


- DAST : OWASP ZAP, Burp Suite (dynamic scanners; SAST tooling is separate)


- Basic understanding of secure SDLC

Key Responsibility Areas :


- Monitor and analyze security alerts to detect malicious activity in real time.


- Conduct end-to-end incident response and remediation workflows.

- Manage and optimize SIEM rules, dashboards, threat detections, and alerting.

- Perform vulnerability assessments and support timely remediation.

- Harden cloud environments (AWS/Azure) using native security tools.

- Manage identity and privileged access controls according to best practices.

- Maintain documentation for incidents, playbooks, and security processes.

- Implement DAST/SAST scanning and support application security testing.

- Collaborate with engineering and cloud teams to implement secure configurations.

- Follow global security frameworks (MITRE ATT&CK, NIST, ISO27001) and ensure compliance.
