Overview:
SOFTSWISS is hiring a Cybersecurity Data Engineer to join our Security Team and help protect business-critical iGaming infrastructure. In this role, you will work at the intersection of data engineering and cybersecurity, developing and optimizing data pipelines, enhancing threat detection, and ensuring reliable, scalable, and secure systems.
Security Team:
The SOFTSWISS Security Team takes care of iGaming services protection, data privacy, and business continuity to ensure that nothing distracts satisfied customers from using our products. We work closely with the IT team that develops and supports our services, and together we create genuinely excellent and secure iGaming products.
Purpose of the role:
The Cybersecurity Data Engineer will play a key role in building and evolving the company’s data-driven security capabilities. You will be responsible for developing and maintaining SIEM infrastructure, ensuring efficient data collection and normalization, and automating workflows that support SOC operations.
Key responsibilities:
- Operate and develop the existing SIEM infrastructure
- Own and provide L3 support for the instruments and technologies used by data analysts
- Act as L3 SOC specialist for DB and similar incidents
- Automate team tasks with different solutions using Python/Go/Bash development
- Participate in building protection of CI/CD & k8s infrastructure
- Contribute to the definition of security policies and standards
Required Experience:
- More than 3 years of experience as a ClickHouse database administrator or equivalent knowledge
- More than 2 years of experience as a data engineer, with data collection, normalizing, and storage optimization, especially with SIEM data
- Experienced or interested in DevOps and cybersecurity skills improvement
- Strong experience in Database technologies: clustering, sharding, access roles, views, indexing, etc.
- Experienced with monitoring tools (VM, Prometheus, Zabbix, Grafana, AlertMgr, etc.)
- Strong Linux system administration experience
- Experience with Salt Stack, Terraform, Kubernetes, and similar technologies
- Experience in Public Cloud technologies including Oracle Cloud, AWS and Microsoft Azure
- Strong investigative and analytical problem-solving skills
- Practice in building security processes in the corporate environment
- Experience in development and automation (Python/Bash/Go)
- Experience in implementing CI/CD and automation (GitLab/Jenkins)
- Familiarity with SecOps processes, i.e. detection, monitoring, alerting, and threat intelligence
- Proficiency in Russian and English at Upper-Intermediate level or higher
Nice to have:
- Practice of SIEM administration, configuration, and event analytics
- Maintain accountability in responsibility zones, leveraging data analyst instruments to optimise processes, ensure accuracy, and drive effective results
- Experience with VMware NSX, Neutron, Docker, Kubernetes, Istio and similar technologies
- Understanding of how automatic role-based access for the company should work
- Strong knowledge of endpoint & infrastructure security such as auditd, Sysmon, AppArmor, SELinux, etc.
- Hands-on experience implementing security controls and improvements in one or more of the major cloud providers (AWS, GCP, Azure)
Our Benefits:
- Full-time remote work opportunities and flexible working hours
- Private insurance
- Additional 1 Day Off per calendar year
- Sports program compensation
- Comprehensive Mental Health Programme
- Free online English lessons with a native speaker
- Generous referral program
- Training, internal workshops, and participation in international professional conferences and corporate events.