Junior Information Security Specialist

Company Description

RISK inc: an international iGaming company specializing in identifying and fostering the growth of high-potential entertainment markets. With 500+ professionals in 20+ locations, we operate in 10 countries, serving over 300,000 customers.

Always Pushing the Boundaries? You Already Belong at RISK!

Our global-scale operations are based on strong internal expertise, analytics, and data research. We have expertise in iGaming operations (sports betting, online casino), digital and affiliate marketing, tech solutions, and data analytics.

Job Description

We are looking for a SOC Specialist with a strong understanding of security operations and experience in monitoring and responding to security incidents. In this role, you will analyze security alerts, investigate potential threats, ensure proper incident handling, and collaborate with IT and security teams to maintain a secure environment and protect company assets.

Responsibilities: 

• Event Collection and Analysis: Gather and analyze events from infrastructure components (websites, servers, databases).
• Security Rule Development and Implementation: Create and implement security rules for scenarios like fake registrations, mass registrations, and DDoS attacks.
• Monitoring and Incident Response: Monitor and respond to rule triggers/incidents, refine response rules, and handle blocking actions.
• Security Incident Investigation: Investigate security incidents.
• Resource and Service Registry: Maintain a registry of resources and services.
• Security Compliance Control: Ensure resource compliance with international security standards and apply the latest security patches.
• Collaboration with Subcontractors and Security Partners: Work closely with subcontractors and partner companies on security matters.
• Administration of Security Systems: Manage security systems such as MDM (Mobile Device Management), BYOD (Bring Your Own Device), SIEM (Security Information and Event Management), and CloudFlare.
• Risk Analysis and Mitigation: Assess existing risks and develop compensatory actions to minimize them. Risk Analysis for New Systems and Projects: Evaluate potential risks related to implementing new systems, services, or applications to enhance business processes.

Qualifications

• Minimum 3 years of experience in IT and/or information security.
• Solid understanding of IT Infrastructure and Network Security principles.
• Familiarity with IT infrastructure protection systems and network security.
• Experience with IAM (Identity and Access Management) systems.
• Proficient in vulnerability management systems.
• Experience in configuring SIEM tools (Open Search, Splunk, or others).
• Desired experience in configuring security policies for Google Workspace/Office 365.
• Familiarity with tools like Terraform, GitLab, Prometheus, Grafana, Loki, Docker, Docker Compose, PowerBI, HaProxy, Nginx, and LEMP.
• Familiarity with cloud solutions such as AWS, DigitalOcean, CloudFlare, GCP, and Kubernetes.
• Experience with external audits (either undergoing or conducting them).
• Strong understanding of risk and incident management methodologies.
• Excellent documentation skills (creating instructions, policies, guidelines).
• Familiarity with scripting languages like Python, Bash/Shell scripts, SQL, and PowerShell for automation, parsing, API work, and database tasks.
• Knowledge of security standards like ISO/IEC 27001 and NIST.
• Familiarity with antivirus systems; experience with CrowdStrike is a plus.
• Desired experience in deploying and administering databases.
• Desired experience with Windows, Linux, and MacOS operating systems.
• Intermediate or higher proficiency in English (both written and spoken).

Additional Information

• Remote work
• Vacation: 20 working days
• Paid sick leave
• Learning Coverage 
• Sport coverage
• Medical insurance