Lead Security Operations Center (SOC)
Scale Stage: rapidly increasing operations
Remote
5 years of experience
Full Time
Available
Onsite or remote
About the job
Company Overview
SOFTSWISS is a tech company focused on iGaming. We offer ultra-powerful, widely acclaimed, certified software solutions for managing online casino and betting operations worldwide. We also provide our clients with cost-effective White Label solutions and various operational services. SOFTSWISS is based in Belarus, Poland, and Georgia, where it counts 1000+ people, with an official presence and gaming licenses in several more jurisdictions. Online casinos powered by SOFTSWISS’s platform have received numerous awards and accolades from the industry media. Our products include the Online Casino Platform, Game Aggregator, Sports Betting Platform, Affiliate Marketing Platform, and various casino games under the BGaming brand.
Security team
SOFTSWISS security team takes care of iGaming services protection, data privacy, and business continuity to ensure that nothing distracts satisfied customers from using our products. We work closely with the IT team that develops and supports our services, and together we create genuinely excellent and secure iGaming products.
Role overview
SOFTSWISS's ability to keep operating a fast and effective service rests on the scale and performance of its technology products. We are building a new leadership tier within the technical team.
In this role, you will be responsible for creating the Security Operations Center, Incident Response, and Threat Intelligence functions.
Your skills and experience are:
More than five years of experience as an information security engineer/lead.
Practice in building security processes in the corporate environment
Strong investigative and analytical problem-solving skills.
Strong Linux system administration experience
Experience with Splunk, ELK, Graylog, ClickHouse, Kafka, etc.
Practice in SIEM and IRP/SOAR administration, configuration, and event analytics
Strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
A strong understanding of the MITRE ATT&CK Framework.
Understanding of Windows and Linux system events and logs.
Expertise in network, host, and cloud-based analysis and investigation
Demonstrated expertise in cloud security, telemetry, and attack techniques
Demonstrated experience planning and executing incident response activities
Familiarity with SecOps processes, i.e., detection, monitoring, alerting, and threat intelligence
Experience conducting or managing incident response for organizations, investigating targeted threats.
University degree in Computer Science, Information Security, or related field, or equivalent combination of education and experience
Structured written and oral communication to ensure clarity
Experience with Red/Blue team exercises
Intermediate or higher English level
It will be good if you also have:
Experience in development and automation.
Experience in implementing CI/CD and automation
Experience in automation using Bash, Python, PowerShell and/or DevOps tools such as Terraform/Ansible.
Experience with Kubernetes (k8s) and Docker infrastructure and the targeted attacks against them.
Expertise in performing forensic analysis using a variety of commercial and open-source forensic tools such as FTK, EnCase, write blockers, etc.
Strong knowledge of open-source endpoint and infrastructure security solutions such as auditd, Sysmon, AppArmor, SELinux, etc.
Hands-on experience implementing security controls and improvements in one or more of the major cloud providers (AWS, GCP, Azure)
In this role, you will:
Lead the building of SOC solutions, processes, and response automation.
Immerse yourself in the specifics of systems and processes to achieve a balance of security and performance.
Build a threat intelligence process.
Manage security in our Cloud solutions within your area of responsibility.
Investigate security incidents and instigate remedial measures to address breaches.
Contribute to the definition of security policies and standards.
What we offer:
Work in an international IT product company with offices in 4 countries;
Remote full-time work or work from a comfortable office (Georgia, Poland, Malta). It doesn’t matter where you work from; what matters is the result;
Flexible schedule. It is enough to coordinate time zones and have intersections of working hours with the team;
Paid 4 Sick Days and 1 Day Off per calendar year;
Sports program compensation;
Free online English lessons with a native speaker;
Large payments under the referral program, in which both the employee who recommends and the candidate who accepts the offer receive a bonus;
Training, internal workshops, participation in international professional conferences and corporate events;
A wide relocation program for both employees and newcomers