This website uses cookies to ensure you get the best experience.

SOFTSWISS and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.
SOFTSWISS
Security · T'bilisi, Georgia · Fully Remote

Incident Response Analyst

Overview:

SOFTSWISS continues to expand the team and is looking for an Incident Response Analyst. We need a true, experienced, and accomplished professional who shares our culture and values.

Purpose of the Role:

You’ll help protect our iGaming services, working closely with IT and product teams to ensure security and stability across our ecosystem.

Key Responsibilities:

  • Upgrade SOC processes & response automation
  • Respond to cybersecurity incidents
  • Immerse yourself in the specifics of systems and processes to achieve a balance of security and performance
  • Investigate security incidents and instigate remedial measures to address breaches
  • This position follows a 2-on-2-off rotating schedule:
    • 12-hour day shift
    • Followed by a 12-hour night shift the next day
    • Then 2 days off

Our stack:

  • Splunk, Clickhouse, Gitlab, Python, ELK, Wazuh

Required Experience:

  • Experience with SIEM, EDR, IDS/IPS, IRP/SOAR events analysis
  • Familiarity with SecOps processes (monitoring, triaging, investigating, threat intelligence)
  • Strong investigative and analytical problem-solving skills
  • 1+ year of experience as an information security engineer/analyst
  • Intermediate or higher proficiency in English and Russian

Nice to Have:

  • Expertise in network, host, and cloud-based analysis and investigation.
  • Experience with AWS, Azure, GCP, Kubernetes, Docker infrastructure and related attack vectors.
  • Strong understanding of attack pipelines (MITRE ATT&CK Framework, Cyber Kill-Chain).
  • Experience with Clickhouse, Splunk, Kafka, ELK, Graylog, etc.
  • Strong Linux system administration experience.
  • Familiarity with CI/CD, software development lifecycle, Infrastructure-as-Code (Terraform/Ansible/etc).
  • Proficiency in automation (Bash/PowerShell, Python).
  • Experience with log collection, delivery, and normalisation.
  • Strong knowledge in open-source endpoint & infrastructure security tools (Audit.d, Sysmon, AppArmor, SELinux, etc.).
  • Basic static and dynamic malware analysis.
  • Offensive experience (penetration testing, red teaming)

Learn more about our hiring process here (link) – what to expect, how to prepare, and what makes SOFTSWISS different.

Department
Security
Role
Security Operations Center Analyst
Locations
T'bilisi, Georgia
Remote status
Fully Remote
Employment type
Full-time
Picture of Anastasiya.Tuzava
Contact Anastasiya.Tuzava Talent Acquisition Team Lead – CHRO / HR Team
Security · T'bilisi, Georgia · Fully Remote

Incident Response Analyst

Loading application form

Already working at SOFTSWISS?

Let’s recruit together and find your next colleague.