The role is addressed to professionals with increased technical maturity, capable of taking ownership of complex security incidents, acting as a technical reference point in the daily SOC operations, and actively contributing to the continuous improvement of detection and response mechanisms.

The position includes 24*7 support.

Key Responsibilities:

• Handle and perform in-depth investigation of high-severity and complex security incidents (P1 / P2)

• Coordinate Incident Response activities in collaboration with internal teams and customers

• Provide technical guidance and support to L1 and L2 analysts during complex investigations

• Analyze multi-stage attacks and complete attack chains, producing actionable technical conclusions

• Optimize detection rules, correlations, and security use cases

• Actively participate in the design, improvement, and maintenance of automated response actions (playbooks / workflows), in close collaboration with the relevant teams

• Participate in and guide threat hunting activities

• Perform quality assurance and technical enhancement of incident reports

• Communicate technically with customers during critical incidents and post-incident reviews

• Contribute to the continuous improvement of SOC processes, SOPs, and overall operational effectiveness

Required Qualifications:

• Bachelor’s degree in Information Technology or a related field

• 4+ years of experience in a SOC / Security Analyst role, with hands-on involvement in high-severity incidents

• Strong practical experience in:

  • SIEM / XDR environments and log analytics

  • Security incident investigation and response

• Solid understanding of:

  • Network protocols, encryption, and network traffic analysis

  • Attacks targeting endpoints, networks, cloud, and identity infrastructures

• Experience with threat hunting or proactive detection activities

• Ability to analyze complex attack paths and multi-stage intrusion scenarios

• Working knowledge of scripting (e.g. Python, regex) for analysis or automation support

• Knowledge of IDS / IPS, EDR, and related security technologies

• Excellent command of English (written and spoken)

Preferred Qualifications:

• Cybersecurity certifications

• Experience with SOAR or automated response actions (usage, maintenance, or improvement)

• Knowledge of MITRE ATT&CK and adversary technique mapping

• Experience in Vulnerability Assessment or Penetration Testing

• Good knowledge of Windows and Linux operating systems

• Experience in mentoring or technical leadership roles

 You are the right candidate if you possess the following core competencies:

• Excellent communication skills 

• Decision making skills  

• Ability to diagnose, analyze and solve problems  

• Teamwork 

• Consistency & Reliability

Our company offers: 

• Excellent working environment

• Excellent career and development opportunities

• Ongoing training

• Certifications on leading vendors’ technologies

• Private health insurance scheme