Incident Response Lead

Warszawa, Poland

SOFTSWISS

SOFTSWISS is a gambling software development company with one-stop-shop iGaming software solutions and services for online casino and sportsbook.

Overview:

SOFTSWISS continues to expand the team and is looking for an Incident Response Lead. We need a true, experienced, and accomplished professional who shares our culture and values. 

SOFTSWISS's ability to continue operating a fast and effective service is underpinned by the scale and performance of its technology products. We are building a new tier for leadership with the technical team. In this role, you will be responsible for the Incident Response Process.

Security Team:

SOFTSWISS Security Team takes care of iGaming services protection, data privacy, and business continuity to ensure that nothing distracts satisfied customers from using our products. We work closely with the IT team that develops and supports our services, and together we create genuinely excellent and secure iGaming products.

Key responsibilities:

  • Lead incident response processes and automation
  • Immerse yourself in the specifics of systems and processes to achieve a balance of security and performance
  • Manage security in our Cloud solutions
  • Investigate security incidents and instigate remedial measures to address breaches
  • Contribute to the definition of security policies and standards

Requirements:

  • 5+ years of experience in information security (engineering/analyst or lead roles)
  • Proven experience in incident response, including targeted threat investigation & remediation
  • Strong understanding of MITRE ATT&CK Framework (attackers’ techniques knowledge)
  • Solid knowledge of Windows and Linux systems, including logs and events
  • Experience with SIEM tools (Splunk, ELK, etc.) + SQL querying and SOAR/IRP platforms
  • Cloud security expertise (telemetry, attack techniques, investigation)
  • Familiarity with SecOps processes (detection, monitoring, alerting, threat intel)
  • Strong analytical and problem-solving skills
  • Intermediate or higher level of English

Nice to have:

  • Experience in development and automation using Bash, Python, PowerShell, Terraform, SaltStack, and/or Ansible
  • Familiarity with CI/CD processes and DevOps practices
  • Understanding of Kubernetes and Docker infrastructure, as well as related security threats
  • Experience with ClickHouse (Analyst, Administration)
  • Hands-on experience implementing security controls with major cloud providers (AWS, GCP, Azure)
  • Digital forensics skills using open-source tools (e.g., FTK, R-Studio)
  • Knowledge of open-source endpoint and infrastructure security solutions such as Auditd, Wazuh, Sysmon, AppArmor, SELinux, etc.
  • Experience with Red/Blue team exercises

What we offer:

  • Full-time remote work opportunities and flexible working hours
  • Comprehensive Mental Health Programme
  • Private insurance
  • Sports program compensation
  • Free online English lessons
  • An additional 1 day off per calendar year
  • Generous referral program
  • Training, internal workshops, and participation in international professional conferences and corporate events

About us:

SOFTSWISS is an international company, and an iGaming software expert. We don’t only follow iGaming market trends, we create them! SOFTSWISS is a recognised industry leader in iGaming software solutions development, covering almost all aspects of the iGaming industry. The company has an international team and an official presence in several countries. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media.

Our mission:

Changing the iGaming industry through technological innovation.

SOFTSWISS in numbers:

  • 2009 - foundation year
  • 2000+ total employees worldwide
  • 5 offices, countries: Poland, Georgia and Malta
  • No. 1 provider in Crypto iGaming
  • 7 proprietary products
  • 800+ brands using our software
  • 11B+ € bets processed per month
  • 6M+ active players monthly

Tags: Ansible Automation AWS Azure Bash Blue team CI/CD Cloud Crypto DevOps Docker ELK Forensics GCP Incident response Kubernetes Linux MITRE ATT&CK Monitoring PowerShell Privacy Python SecOps SIEM SOAR Splunk SQL Terraform Windows

Perks/benefits: Career development Conferences Flex hours Flex vacation Health care Team events

Region: Europe
Country: Poland
