Security Engineer (EDR/XDR Platforms)

The ideal candidate will possess strong technical expertise in cybersecurity technologies, with a foundational understanding of networking, and the ability to troubleshoot and optimize security operations. You will play a crucial role in strengthening our cybersecurity posture by managing security tools, analyzing threats, and supporting incident detection and response processes.

Key Responsibilities:

• Implement, manage, and maintain EDR and XDR solutions across diverse environments.
• Collaborate with SOC (Security Operations Center) teams to ensure efficient detection, investigation, and remediation of security incidents.
• Support basic network-related security tasks and understand the impact of networking on security events (e.g., firewall rule behavior, VPN availability, network segmentation at a conceptual level).
• Continuously monitor the security landscape, identify vulnerabilities, and recommend improvements.
• Perform troubleshooting of endpoint, server, and network issues using diagnostic tools (e.g., Wireshark, tcpdump, netstat, etc.).
• Ensure proper log aggregation, analysis, and correlation for security monitoring purposes.
• Develop and maintain technical documentation, standard operating procedures, and knowledge base articles related to security systems and processes.
• Contribute to security incident response planning, testing, and execution.

Requirements for the candidate:

• Strong hands-on experience managing EDR/XDR solutions (e.g., Trend Vision One, CrowdStrike, SentinelOne, Palo Alto Cortex XDR, Microsoft Defender, Stellar Cyber).
• Good understanding of networking concepts and protocols such as TCP/IP, DNS, DHCP, VPNs, and routing.
• Ability to collaborate with the technical team when deeper configuration is required.
• Familiarity with SIEM tools (e.g., Splunk, QRadar, Sentinel) and integration with EDR/XDR.
• Familiarity with NDR (Network Detection and Response) and other network security tools.
• Familiarity with monitoring and logging tools (e.g., Prometheus, Grafana, ELK Stack, Zabbix).
• Knowledge of incident response processes, threat hunting, and malware analysis fundamentals.
• Proficient with security best practices, vulnerability management, and risk mitigation strategies.
• Ability to perform root cause analysis and recommend solutions.
• Scripting skills (Python, Bash) are considered an advantage.
• Good knowledge of Estonian and English.

What we offer:

• Collaborative, customer-focused environment
• Opportunities for high-impact projects and professional growth in a global company
• 5 additional paid vacation days after the first year of employment
• Sports compensation(€100/quarter) or health insurance – you choose, and you can switch once a year.
• 100% compensation for the first day of sick leave.
• Free parking at the Tallinn office.
• Team events(summer days, Christmas party, etc.).
• Possibility to work from home.
• Compensation for training expenses according to a pre-agreed budget.
• One paid study day per month to acquire new knowledge, in agreement with your supervisor.
• Recruitment referral bonus of €500.

Are you ready to join the best cybersecurity team in Northern Europe? Send your application to [email protected]. 

The confidentiality of all candidates will be guaranteed.