Overview:
SOFTSWISS continues to expand the team and is looking for an Incident Response Analyst. We need a true, experienced, and accomplished professional who shares our culture and values.
About team:
Become part of the Infrastructure Security & Operations team at SOFTSWISS Group, where innovation in infrastructure security is our cornerstone. Our team is dedicated to safeguarding systems through rigorous hardening and monitoring of Kubernetes (k8s), VPNs, Endpoint Protection, PAM, and beyond. We are on the front lines 24/7, managing incident responses and crafting our Security Operation Center (SOC). In joining us, you’ll be immersed in a culture that prizes clarity, responsibility, and ongoing growth, leveraging the latest in security technology and practices. Engage in our mission to protect and stabilize SOFTSWISS’s global operations, advancing your career in a supportive and collaborative environment.
Key responsibilities:
- Upgrade SOC processes & response automation;
- Respond to cybersecurity incidents;
- Immerse yourself in the specifics of systems and processes to achieve a balance of security and performance;
- Investigate security incidents and instigate remedial measures to address breaches;
- The position operates on a 2-on-2-off shift pattern: a 12-hour day shift, followed by a 12-hour night shift the next day, and then 2 free days.
Our stack:
- Splunk
- ClickHouse
- GitLab
- Python
- ELK
- Wazuh
Requirements:
- Hands-on practice analysing SIEM, EDR, IDS/IPS, and IRP/SOAR events.
- Familiarity with SecOps processes, i.e. monitoring, triaging, investigating, and threat intelligence.
- Expertise in network, host, and cloud-based analysis and investigation.
- Experience with AWS, Azure, GCP, k8s, and Docker infrastructure, and familiarity with attacks on them.
- A strong understanding of the attack pipelines (MITRE ATT&CK Framework, Cyber Kill-Chain).
- More than one year of experience as an information security engineer/analyst.
- Strong investigative and analytical problem-solving skills.
- Intermediate or higher English level.
Nice to have:
- Experience with ClickHouse, Splunk, Kafka, ELK, Graylog, etc.
- Strong Linux system administration experience.
- Familiarity with CI/CD, software development lifecycle, Infrastructure-as-Code (Terraform/Ansible/etc).
- Proficiency in automation (Bash/PowerShell, Python).
- Experience with log collection, delivery, and normalization.
- Strong knowledge of open-source endpoint and infrastructure security solutions such as auditd, Sysmon, AppArmor, SELinux, etc.
- Basic static and dynamic malware analysis.
- Offensive experience (penetration testing, red teaming).
What we offer:
- Full-time remote work opportunities;
- Comprehensive Mental Health Programme;
- Private insurance;
- Sports program compensation;
- Free online English lessons;
- Additional 1 Day Off per calendar year;
- Generous referral program;
- Training, internal workshops, and participation in international professional conferences and corporate events.
About us:
SOFTSWISS is an international company, an iGaming software expert. We don’t only follow iGaming market trends, we create them! SOFTSWISS is a recognised industry leader in iGaming software solutions development, covering almost all aspects of the iGaming industry. The company has an international team and an official presence in several countries. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media.
Our Mission:
Changing the iGaming industry through technological innovation.
SOFTSWISS in numbers:
- 2009 – foundation year
- 2000+ total employees worldwide
- 5 offices, countries: Poland, Georgia and Malta
- No. 1 provider in Crypto iGaming
- 7 proprietary products
- 800+ brands using our software
- 11B+ € bets processed per month
- 6M+ active players monthly