SOFTSWISS
Sports Betting & iGaming
See how your profile stacks up against this role.
We compared the job requirements to your profile to show where you're strong and where you fall short.
SOFTSWISS is looking for an Incident Response Analyst (L2) to join our Security Operations team. In this role, you will investigate complex security incidents, handle L1 escalations, and help improve our detection and incident response capabilities.
You will be responsible for investigating complex cybersecurity incidents, handling escalations from L1, and enhancing our SOC detection and incident response capabilities.
We're looking for someone with an incident-driven mindset who can analyze attack chains, validate hypotheses, and make evidence-based decisions to effectively identify, investigate, and contain security threats.
Investigate and respond to complex security incidents throughout the entire incident lifecycle
Perform digital forensic investigations, malware analysis, and evidence collection to determine the scope and root cause of security incidents
Analyze attack techniques, correlate security events, and reconstruct attack timelines
Develop and improve SIEM detections, correlation rules, and incident response playbooks
Conduct threat hunting activities and reduce false positives through detection tuning
Automate repetitive SOC activities using scripting where appropriate
Collaborate with Infrastructure, Development, IT, and Security teams during incident response
Mentor L1 analysts by providing technical guidance and feedback
3+ years of experience in SOC, Incident Response, DFIR, or MSSP environments
Strong understanding of modern cyber threats, attack techniques, and frameworks such as MITRE ATT&CK and the Cyber Kill Chain
Hands-on experience investigating security incidents, performing digital forensics, and malware analysis
Hands-on experience with SIEM platforms (e.g. Splunk, Wazuh, ClickHouse, Redash), including writing complex search queries, correlating events, and investigating large volumes of security data
Good understanding of enterprise infrastructure, including Windows, Linux, macOS, Active Directory, email systems, Kubernetes, Docker, and databases
Experience with automation using Python, PowerShell, or Bash
Knowledge of Kubernetes and Docker security concepts
Strong analytical mindset, problem-solving skills, and effective communication in cross-functional environments
Intermediate or higher English level
Experience with Threat Hunting, Network Traffic Analysis (NTA), or cloud security (AWS)
Familiarity with CI/CD and Infrastructure as Code (e.g. Terraform, Ansible)
Participation in Red Team or Purple Team exercises
Industry certifications such as GCIA, GCIH, GCED, OSCP, CEH, or Splunk certifications
Familiarity with security frameworks such as NIST
Private health insurance
Sports benefits
Comprehensive Mental Health Program
Free English lessons (online)
Local language courses
Paid time off
Maternity leave support
Referral program rewards
Upskilling, internal workshops, and participation in professional conferences and corporate events
After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.
Marcus Rivera
Chief Revenue Officer

SOFTSWISS

Grafana Labs

SentinelOne

Box

Centene Corporation

SOFTSWISS

SOFTSWISS

SOFTSWISS