Logo for SOFTSWISS

Incident Response Analyst - L2

Role overview

Qualifications

  • 3+ years of experience in SOC, Incident Response, DFIR, or MSSP environments
  • Strong understanding of modern cyber threats, attack techniques, and frameworks such as MITRE ATTCK and the Cyber Kill Chain
  • Hands-on experience investigating security incidents, performing digital forensics, and malware analysis
  • Good understanding of enterprise infrastructure, including Windows, Linux, macOS, Active Directory, email systems, Kubernetes, Docker, and databases

Responsibilities

  • Investigate and respond to complex security incidents throughout the entire incident lifecycle
  • Perform digital forensic investigations, malware analysis, and evidence collection to determine the scope and root cause of security incidents
  • Analyze attack techniques, correlate security events, and reconstruct attack timelines
  • Develop and improve SIEM detections, correlation rules, and incident response playbooks

About the company

SOFTSWISS logo

SOFTSWISS

Sports Betting & iGaming

SOFTSWISS is an international company and a widely-acclaimed iGaming expert. We were the very first online gambling software company to start working with cryptocurrencies. SOFTSWISS appeared in July 2009 in Minsk, Belarus. Today SOFTSWISS is a recognised industry leader in iGaming software solutions development. The company has an international team, which counts 1,400+ employees and has an official presence in Poland, Malta, Georgia, and Belarus. To date, the SOFTSWISS client network counts more than 500 iGaming brands. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media. SOFTSWISS steadily enhances the products portfolio with continuous innovations and increases the quality of its services, providing customers with first-class industry solutions. Our values: - High-end solutions based on reliability, security and honesty - Expertise of a professional team with over 10 years of iGaming background - Innovative approach to product development and business processes Our Products: - Sportsbook Platform - Online Casino Platform - Game Aggregator - Jackpot Aggregator - Affilka (Affiliate Platform) - Managed Services Our Services: - First Line Player Support - Player Retention - Player Reactivation - VIP Player Support - Anti-fraud support Our solutions: - Crypto Casino Solution - White Label Casino Solution - Turnkey Casino Solution White Label solutions: - Operating under the SOFTSWISS gambling licences - Ready-to-use payment processing options - SOFTSWISS merchant accounts Why Us? - Over 10 years helping our clients to succeed in the industry - Focus on software security and stability - Top client service based on the client needs - Best industry professionals - Agile methodology at all levels - Cutting-edge innovations - Wide geographical presence Website: www.softswiss.com Email: order@softswiss.com SOFTSWISS. Winning Combination

Company details

Company typeLarge
IndustrySports Betting & iGaming
Company size1001 - 5000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Overview:

SOFTSWISS is looking for an Incident Response Analyst (L2) to join our Security Operations team. In this role, you will investigate complex security incidents, handle L1 escalations, and help improve our detection and incident response capabilities.

Purpose of the role:

You will be responsible for investigating complex cybersecurity incidents, handling escalations from L1, and enhancing our SOC detection and incident response capabilities.

We're looking for someone with an incident-driven mindset who can analyze attack chains, validate hypotheses, and make evidence-based decisions to effectively identify, investigate, and contain security threats.

Key responsibilities:

  • Investigate and respond to complex security incidents throughout the entire incident lifecycle

  • Perform digital forensic investigations, malware analysis, and evidence collection to determine the scope and root cause of security incidents

  • Analyze attack techniques, correlate security events, and reconstruct attack timelines

  • Develop and improve SIEM detections, correlation rules, and incident response playbooks

  • Conduct threat hunting activities and reduce false positives through detection tuning

  • Automate repetitive SOC activities using scripting where appropriate

  • Collaborate with Infrastructure, Development, IT, and Security teams during incident response

  • Mentor L1 analysts by providing technical guidance and feedback

Required Experience:

  • 3+ years of experience in SOC, Incident Response, DFIR, or MSSP environments

  • Strong understanding of modern cyber threats, attack techniques, and frameworks such as MITRE ATT&CK and the Cyber Kill Chain

  • Hands-on experience investigating security incidents, performing digital forensics, and malware analysis

  • Hands-on experience with SIEM platforms (e.g. Splunk, Wazuh, ClickHouse, Redash), including writing complex search queries, correlating events, and investigating large volumes of security data

  • Good understanding of enterprise infrastructure, including Windows, Linux, macOS, Active Directory, email systems, Kubernetes, Docker, and databases

  • Experience with automation using Python, PowerShell, or Bash

  • Knowledge of Kubernetes and Docker security concepts

  • Strong analytical mindset, problem-solving skills, and effective communication in cross-functional environments

  • Intermediate or higher English level

Nice to have:

  • Experience with Threat Hunting, Network Traffic Analysis (NTA), or cloud security (AWS)

  • Familiarity with CI/CD and Infrastructure as Code (e.g. Terraform, Ansible)

  • Participation in Red Team or Purple Team exercises

  • Industry certifications such as GCIA, GCIH, GCED, OSCP, CEH, or Splunk certifications

  • Familiarity with security frameworks such as NIST

Our Benefits:

  • Private health insurance

  • Sports benefits

  • Comprehensive Mental Health Program

  • Free English lessons (online)

  • Local language courses

  • Paid time off

  • Maternity leave support

  • Referral program rewards

  • Upskilling, internal workshops, and participation in professional conferences and corporate events

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Incident Response Analyst Related jobs

Other jobs at SOFTSWISS

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.