Security isn’t a state — it’s a process. And we’re looking for someone who knows how to drive it.

Softsich is a young and ambitious company making big waves in the world of digital entertainment. We combine strategic vision with deep tech expertise to build and scale high-performance products. Right now, we’re looking for a Security Engineer to strengthen our internal infrastructure and help automate key security workflows.

Your key responsibilities will include:
— Monitor and analyze security alerts across multiple security platforms (SIEM, EDR, SOAR)
— Lead Incident Response: serve as primary responder to security alerts, perform initial triage, conduct investigations, and coordinate remediation
— Enhance Detection Capabilities: design, implement, and fine-tune detection rules and alerts across cloud environments
— Conduct endpoint, network, and application log analysis to identify suspicious activity
— Collaborate with IT, DevOps, and Compliance teams to enforce security standards and best practices
— Assist in improving incident response processes, playbooks, and operational practices
— Stay informed about emerging cybersecurity threats, trends, and industry developments
— Deploy and manage MDM/UEM solutions (Jamf, Jumpcloud) across all endpoints
— Advocate for best practices in IT and change management to strengthen security posture
— Define and enforce security policies for workstations (passwords, encryption, restrictions, app controls)
— Perform regular audits and compliance checks aligned with corporate standards
— Monitor device health and security compliance, respond to related alerts
— Coordinate patching and updates on endpoints through MDM
— Conduct inventory and asset tracking, including remote wipe and lock management
— Provide endpoint security reporting and metrics to IT leadership and compliance
— Collaborate with incident response teams on mobile endpoint incidents

It’s a match if you have:
— 3+ years in IT Operations, System Administration, or related roles
— Experience in security threat analysis or incident response, ideally within a SOC
— Proven experience responding to and managing incidents in cloud environments (AWS, Azure, GCP) and SaaS services (Google Workspace, Atlassian)
— Proficiency with SIEM platforms, including rule creation, tuning, and maintenance
— Strong knowledge of cloud security monitoring tools and techniques
— Understanding of network infrastructure
— Experience analyzing endpoint, network, and application logs for anomalies
— Practical understanding of common attack vectors and how to detect them
— Experience with security automation and scripting for incident response workflows
— Understanding of IT system architecture, network design, and IT/change management processes
— Experience with virtualization technologies
— Familiarity with identity management
— Proficiency in platforms used for information security investigations and triage
— Ukrainian — C1 level or native

Nice to have:
— Experience with cloud-native security tools and services
— Familiarity with scripting or automation (PowerShell, Bash, Python)
— Experience with endpoint detection solutions and email security technologies
— Knowledge of IT security audit techniques

What we offer:
— A competitive salary
— Remote work format or a modern office in Warsaw and/or Kyiv
— Flexible working hours
— An incredibly friendly team where everyone is ready to share knowledge, help, and support
— 24 working days of paid annual vacation
— Paid sick leave
— Health insurance (available for specialists based in Ukraine; other countries — in progress)
— Zero joules of energy to the aggressor state, its affiliated businesses, or partners
— Conference and business travel expenses covered (where applicable)
— Birthday greetings (because you matter!)
— Online and offline teambuilding events
— Corporate celebrations
Send over your CV now — we’d love to get to know you better!