Incident Response Analyst – L2

🔥 0 minutes ago

🇬🇪 Georgia – Remote

⏰ Full Time

🟡 Mid-level

🟠 Senior

🚨 Incident Response Analyst

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of SOFTSWISS

SOFTSWISS

1001 - 5000 employees

🎮 Gaming

Gaming • Software Development

SOFTSWISS is a leading provider of iGaming software solutions, offering a wide range of products including iGaming Platform, Sportsbook Platform, Game Aggregator, Jackpot Aggregator, and more. Established in 2009, SOFTSWISS has grown to employ over 1,700 people across 4 international offices in Poland, Georgia, Malta, and several remote locations. The company is known for its innovation in the iGaming industry, being the first Crypto iGaming provider in the world. SOFTSWISS not only promotes a dynamic and flexible work culture with comprehensive employee benefits but also commits to social responsibility by supporting various campaigns and initiatives.

📋 Description

• Investigate and respond to complex security incidents throughout the entire incident lifecycle • Perform digital forensic investigations, malware analysis, and evidence collection to determine the scope and root cause of security incidents • Analyze attack techniques, correlate security events, and reconstruct attack timelines • Develop and improve SIEM detections, correlation rules, and incident response playbooks • Conduct threat hunting activities and reduce false positives through detection tuning • Automate repetitive SOC activities using scripting where appropriate • Collaborate with Infrastructure, Development, IT, and Security teams during incident response • Mentor L1 analysts by providing technical guidance and feedback

🎯 Requirements

• 3+ years of experience in SOC, Incident Response, DFIR, or MSSP environments • Strong understanding of modern cyber threats, attack techniques, and frameworks such as MITRE ATT&CK and the Cyber Kill Chain • Hands-on experience investigating security incidents, performing digital forensics, and malware analysis • Hands-on experience with SIEM platforms (e.g. Splunk, Wazuh, ClickHouse, Redash) • Good understanding of enterprise infrastructure, including Windows, Linux, macOS, Active Directory, email systems, Kubernetes, Docker, and databases • Experience with automation using Python, PowerShell, or Bash • Knowledge of Kubernetes and Docker security concepts • Strong analytical mindset, problem-solving skills, and effective communication in cross-functional environments • Intermediate or higher English level • Nice to have: Experience with Threat Hunting, Network Traffic Analysis (NTA), or cloud security (AWS)

🏖️ Benefits

• Private health insurance • Sports benefits • Comprehensive Mental Health Program • Free English lessons (online) • Local language courses • Paid time off • Maternity leave support • Referral program rewards • Upskilling, internal workshops, and participation in professional conferences and corporate events

Apply Now