Date: 2024-09-16

Contribute to the development of internal SOC automation to support various SOC processes, including Incident Response.

Assist SOC Analysts with logging by integrating new audit, infrastructure, and production logs. Respond to data incidents and ensure data quality.

Develop and maintain the Fraud system that analyzes and scores Semrush customer behavior. This system will detect suspicious actions such as account takeovers, card fraud, and promo abuse and respond to them automatically.

Develop and maintain the security inventory system that processes and stores information about various company assets. This system will be the primary source of truth for scanners used by security analysts in their daily work and during security audits.

Support the Vulnerability Management system by integrating new vulnerability scanners and tuning enrichment, prioritization, and response processes.

Hi there! We are Semrush, a global IT company developing our own product—a platform for digital marketers. New stars are born here, so don’t miss your chance. This is our Security Data Engineer role for those who strive to implement functional processes and drive them to full completion.

Who we are looking for

Minimum 2-3 years of experience with Splunk as an Admin/Developer or in a similar role, with strong SPL (Search Processing Language) knowledge.

Basic understanding of security principles and tools, such as vulnerability scanners, firewalls, SIEM. Understanding of how different security tools and systems generate and process data.

Expert-level proficiency in Splunk, including the ability to build complex applications, develop custom commands, write advanced searches, and create dashboards with custom behavior using tokens and JavaScript. A deep understanding of Splunk's architecture, data ingestion processes, and search and reporting capabilities is essential.

Strong proficiency in designing and implementing data pipelines. Thorough understanding of ETL concepts and data schemas (models). Ability to consider business context, including constraints, data volume, and data quality.

Proficiency in core Python fundamentals and programming. Experience with code packaging, release, and deployment. Familiarity with JavaScript is a plus. Hands-on experience with containerization and orchestration tools, particularly Docker. Knowledge of Kubernetes is beneficial. Solid understanding of CI/CD practices and workflows.

Ability to tackle challenges, like a skilled explorer charting unknown territories. You're comfortable researching problems, finding solutions, and managing your day without constant guidance.

The knack for collaborating harmoniously, like musicians in an orchestra. You're adept at working toward shared goals, valuing collective success over individual triumph.

The skill to manage your tasks and projects effectively, like a seasoned conductor leading an orchestra. You can seamlessly coordinate multiple responsibilities and deliver results on time.

Not required, but a plus

Having a passion for security or prior experience in the field is like having a secret superpower. Think of it as being a digital detective, always one step ahead of the bad guys.

Splunk certifications are highly valued here. If you have any, especially the Developer or Architect badge, you're practically royalty in our eyes. It's like having a golden ticket to Willy Wonka's chocolate factory but for data.

If you've got a knack for design and can transform raw data into eye-popping metrics, insights, and dashboards, you're our kind of wizard. We're looking for someone who can turn boring numbers into a visual feast that even non-techies will drool over.

You share our common values: Trust, as we prefer to speak up and be our true selves; Sense of Ownership, as it’s not worth wasting time on something you don’t believe in; and enthusiasm for Constant Change, as we are always looking to make things better.

A bit about the team

You can get to know the team better at one of the interviews, but some brief information about future colleagues will be useful now.

The Security Operations Center (SOC) at Semrush is our frontline defense against cyber threats, ensuring the integrity and safety of our digital assets. Our team of skilled cybersecurity professionals monitors, analyzes, and responds to security incidents during business hours, leveraging advanced technologies and industry-leading practices.

We will try to create all the right conditions for you to work and rest comfortably

It’s up to you to decide what work format works best for you. You can #wfo, #wfh, or mix both.

Flexible working day start

Unlimited PTO

Hobby benefit

Breakfast, snacks, and coffee at the office

Corporate events

Training, courses, conferences

Gifts for employees

Finally, a little more about our company

Semrush is a leading online visibility management SaaS platform that enables businesses globally to run search engine optimization, pay-per-click, content, social media and competitive research campaigns and get measurable results from online marketing.

We’ve been developing our product for 16 years and have been awarded G2's Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500 and many more. In March 2021 Semrush went public and started trading on the NYSE with the SEMR ticker.

10,000,000+ users in America, Europe, Asia, and Australia have already tried Semrush, and over 1,000 people around the world are working on its development. The Semrush team is constantly growing.



Semrush is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.


