Unicis is an open-core company that sells applications via the Atlassian Marketplace and subscriptions for all-in-one SaaS products. Today, Unicis helps startups get certified and compliant with international standards, frameworks, and benchmarks.
Unicis is committed to a comprehensive strategy against, whatever it may be.
Automating security, data privacy, and compliance through the utilization of open standards and data.
A single place to manage privacy and data protection, IT and cyber security, compliance, and legal requirements.
Building credibility and trust through open-source software.
Culture
Unicis culture is discussed here.
All remote
Unicis.Tech OΓ is a company that works fully remotely and has five team members spread across two continents and three time zones. The wider team of contributors around the world contributes patches, bug reports, troubleshooting tips, improvements, and real-world ideas to Unicis open-source code base, documentation, website, and company handbook.
Unicis is open by design. Unicis Platform Community Edition is open-source, and the source code, documentation, and content are publicly available from the source repository. The Unicis handbook is the main guide for how we run and work at the company. The way we run the business is open and transparent, as confidentiality agreements allow. We work better together with the community, and the community works better together with us.
We write things down at Unicis. Even when we may be incorrect. This helps us move quickly, gives us more information, and lets us work at different time zones.
Note:
The communication page tells you more about what it's like to work at Unicis.
Open positions
Unicis is currently recruiting for the following positions:
Unicis Open Positions
All open hiring positions at Unicis can be found here.
Unicis is building a cutting-edge Security Operations Center (SOC) using an open-source technology stack. We are looking for an experienced SOC Engineer who has hands-on experience in setting up and managing a SOC using open-source tools such as Zabbix, Wazuh, and MISP, containerized with Docker.
Job Description
As a SOC Engineer, you will be responsible for designing, deploying, and maintaining an open-source SOC for Unicis. You will work with the latest versions of Zabbix, Wazuh, and MISP, and ensure these tools are seamlessly integrated to provide comprehensive security monitoring and alert management capabilities. Your role will involve customization of integrations, setting up automation workflows, and ensuring that all security alerts are reported and managed through the Zabbix interface.
Key Responsibilities
Design and deploy a SOC using Zabbix 7, Wazuh 4.x, and MISP 2.4.x in Docker containers.
Integrate MISP with Wazuh for threat intelligence sharing and Wazuh with Zabbix for alert management.
Customize SOC components to ensure MISP reports to Wazuh and Wazuh alerts (level 7+) are reported to Zabbix.
Configure Zabbix to handle, display, and act upon all security alerts.
Develop and maintain Docker Compose scripts for deploying and managing SOC components.
Secure the SOC environment, including securing Docker containers and setting up encrypted communications.
Implement automated testing and continuous monitoring to ensure SOC performance and reliability.
Collaborate with IT and security teams to ensure smooth SOC operations and incident response.
Required Qualifications
Proven experience in setting up SOCs using open-source technologies.
Proficiency with Zabbix, Wazuh, and MISP, including the latest versions.
Strong knowledge of Docker and container orchestration.
Experience with integrating security tools and setting up automated alert workflows.
Solid understanding of network security, threat intelligence, and incident response.
Strong scripting skills (Python, Bash, etc.) for automation and integration tasks.
Excellent problem-solving skills and attention to detail.
Preferred Qualifications
Experience with CI/CD tools such as GitLab CI/CD.
Familiarity with infrastructure as code (IaC) tools like Ansible.
Knowledge of cloud environments and deploying SOCs in cloud infrastructure.
Benefits
Competitive salary and benefits package.
Opportunities for professional development and certification.
Collaborative and innovative work environment.
Flexible work hours and potential for remote work.
Technical Specification Document for SOC Intranet Center at Unicis
1. Introduction
This document outlines the technical specifications for setting up an open-source SOC at Unicis using Zabbix, Wazuh, and MISP with Docker containers. The goal is to deploy a scalable and customizable SOC that centralizes security alerts and facilitates effective incident response.
2. Objective
Deploy a SOC leveraging Zabbix, Wazuh, and MISP to:
Integrate MISP with Wazuh for threat intelligence sharing.
Report Wazuh alerts (level 7 and above) to Zabbix.
Centralize security alert management in Zabbix.
3. System Architecture
Components
Zabbix 7.0: Monitoring and alert management.
Wazuh 4.x: SIEM and log analysis.
MISP 2.4.x: Threat intelligence platform.
Docker: Containerization for scalability and portability.
Docker: Latest version of Docker and Docker Compose.
Zabbix: Version 7.0.
Wazuh: Version 4.x.
MISP: Version 2.4.x.
Database: PostgreSQL or MySQL/MariaDB.
Web Server: Nginx.
5. Deployment Architecture
5.1 Docker Container Setup
Zabbix Server: Monitoring and alert management.
Zabbix Agent: For monitored systems.
Wazuh Server: SIEM and integration with MISP.
Wazuh Agent: For data collection.
MISP: Threat intelligence sharing.
Database Containers: For Zabbix, Wazuh, and MISP.
Reverse Proxy: Nginx for web traffic management.
5.2 Networking
Secure communication with Docker networks.
Use an overlay network for distributed deployments.
Implement Docker secrets for secure configuration.
6. Integration and Customization
6.1 MISP to Wazuh
Use MISP API to push intelligence to Wazuh.
Automate threat feed import into Wazuh for real-time detection.
6.2 Wazuh to Zabbix
Configure Wazuh to send high-severity alerts to Zabbix.
Use custom scripts or Zabbix integrations to process Wazuh alerts.
6.3 Alert Management in Zabbix
Customize Zabbix templates for Wazuh alerts.
Create dashboards for monitoring SOC metrics.
Set up alerting and response actions in Zabbix.
7. Security Considerations
Use best practices for securing Docker containers.
Implement TLS for secure communications.
Set up RBAC in Zabbix, Wazuh, and MISP.
8. Testing and Validation
Perform integration testing for all components.
Conduct stress testing to validate system performance.
Implement automated testing for updates and security patches.
9. Deployment Process
9.1 Steps
Environment Setup: Install Docker and dependencies.
Docker Network: Create secure Docker networks.
Deploy Containers: Use Docker Compose for deployment.
Integration: Set up MISP, Wazuh, and Zabbix connections.
Testing: Verify all integrations and performance.
Production: Deploy and monitor continuously.
9.2 Automation and CI/CD
Use CI/CD pipelines for deployment and updates.
Automate configuration with Ansible or similar tools.
10. Documentation and Training
Provide detailed guides for managing the SOC.
Train SOC analysts on Zabbix, Wazuh, and MISP.
11. Maintenance and Support
Schedule updates and patches.
Monitor performance and adjust as needed.
Set up alerts for system issues.
Conclusion
The SOC at Unicis will leverage Zabbix, Wazuh, and MISP with Docker for a robust security monitoring solution. By integrating these tools, the SOC will centralize alert management, enabling Unicis to maintain a strong security posture.
How to Apply
Please send your resume, a cover letter detailing your relevant experience, and any examples of your work (e.g., GitHub repositories) to [recruitment@unicis.tech] or on the form below.
Join us! Are you interested in joining the Unicis team, or know someone who might be interested? You can read the job description and apply by clicking on one of the positions.
Please share a short description of the company, our vision, mission, goals, value, history, and current open positions. Thank you!
Values
At Unicis, our core values guide every part of our business, including our culture, decisions, and interactions. These values make up who we are and how we work.
Empathy
We try to be understanding and compassionate in all our interactions. We care about what our customers, coworkers, and communities think and need. This helps us make connections that are helpful and meaningful.
Ownership
We are responsible for our actions and how they affect others. Our commitment to accountability drives us to be dedicated and honest in everything we do.
Results-Driven
Excellence is at the heart of what we do. We are committed to achieving outstanding results and constantly strive to meet and exceed our goals, delivering tangible value to our customers and stakeholders.
Objectivity
Our decisions are based on facts and information. We make well-informed decisions that benefit our customers, community and our company.
Openness
We foster a culture of transparency and open communication. We encourage people to share ideas and give feedback, which helps us come up with new ideas and improve. This helps everyone feel heard and appreciated.
History
You can learn about the history of Unicis by looking at the timeline on our website.
Org chart
Everyone at Unicis has a manager and direct reports. The chart below shows the current employees of Unicis.
%%{init: {'theme':'neutral'}}%%
stateDiagram-v2
state "CEO & Founder" as ceo
state "Predrag π²π°" as ceo
ceo --> cco
ceo --> cto
state "CTO & Co-founder" as cto
state "Peter π§π¬" as cto
ceo --> dev
cto --> dev
state "Development Team" as dev
state "Consultant 1 πΊπ¦" as dev
state "Consultant 2 π³π¬" as dev
state "CCO & Co-founder" as cco
state "Alexander πΈπͺ" as cco