*TripleTen is a service that empowers individuals, regardless of their prior experience, to embark on the exciting and challenging journey of mastering IT professions such as software engineering, data science, business intelligence analytics, and QA engineering in a feasible and accessible way, ultimately leading to employment opportunities.*

Our mission is to ensure that every student has the opportunity to master a new profession successfully and become a valuable member of the IT industry. We are successfully producing highly desirable tech professionals in the most competitive EdTech market in the world — the US market.

We are looking for a Security Operations Engineer to help build our security operations capability. You will deploy and operate a SIEM platform, support managing vulnerability remediation, responding to security incidents, and help implement the CIS Controls framework.

This role offers the chance to shape a new security program, work closely with leadership, and strengthen our overall security posture.

What you will do

• SIEM Operations: Manage and optimise the SIEM platform, monitor real-time alerts, investigate incidents, tune detection rules, and maintain dashboards and log sources.
• Incident Response: Execute response playbooks, escalate and document incidents, and contribute to post-incident reviews and response improvements.
• Vulnerability Management: Operate cloud security posture management tools, triage and track vulnerabilities, coordinate remediation, and produce reports.
• Security Operations Support: Review security aspects of systems and technology changes, respond to security inquiries, maintain tool inventory, and support awareness efforts.
• Compliance and Improvement: Support SOX and CIS Controls implementation, maintain control evidence, assist audits, automate repetitive tasks, and stay current on threats and technologies.

Requirements

• 3–5 years in security operations or SOC roles with hands-on SIEM and vulnerability management experience.
• Practical knowledge of CIS Controls, NIST, or ISO 27001 frameworks.
• Familiarity with AWS, Infrastructure as Code, and application security tools.
• Strong communication, analytical, and documentation skills; proactive and collaboration-minded.

What Makes You Stand Out

• Experience building or scaling SIEM/SOC capabilities.
• Comfort operating in small teams and shaping new processes.
• Passion for security and driving program maturity.

What we can offer you

• Full-time remote collaboration with a convenient schedule. A space for professional freedom, where we trust your experience instead of wasting each other's time and effort micromanaging.
• A diverse and tight-knit team. Our teammates are spread across Europe – from Helsinki to Lisbon, our group calls are hilarious.
• Comfortable digital workspace. We use Miro, Notion, Google Workspace, Jira, etc., to make working together seamless.

*At this time, we are unable to offer H-1B, L-1A/B sponsorship opportunities.

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.



TripleTen is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, color, religion, sex, national origin, age, religion, disability, marital status, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.