Security isn't a state, it's a process. And we're looking for someone who knows how to drive it.
Softsich is a young and ambitious international product tech company that develops scalable B2B digital platforms. We combine strategic vision with deep tech expertise to build and scale high-performance products. Right now, we're looking for a Security Engineer to strengthen our internal infrastructure and help automate key security workflows.
Your key responsibilities will include:
- Monitor and analyze security alerts across multiple security platforms (SIEM, EDR, SOAR)
- Lead incident response: serve as the primary responder to security alerts, perform initial triage, conduct investigations, and coordinate remediation
- Enhance detection capabilities: design, implement, and fine-tune detection rules and alerts across cloud environments
- Conduct endpoint, network, and application log analysis to identify suspicious activity
- Collaborate with IT, DevOps, and Compliance teams to enforce security standards and best practices
- Assist in improving incident response processes, playbooks, and operational practices
- Stay informed about emerging cybersecurity threats, trends, and industry developments
- Deploy and manage MDM/UEM solutions (Jamf, JumpCloud) across all endpoints
- Advocate for best practices in IT and change management to strengthen security posture
- Define and enforce security policies for workstations (passwords, encryption, restrictions, app controls)
- Perform regular audits and compliance checks aligned with corporate standards
- Monitor device health and security compliance, and respond to related alerts
- Coordinate patching and updates on endpoints through MDM
- Conduct inventory and asset tracking, including remote wipe and lock management
- Provide endpoint security reporting and metrics to IT leadership and compliance
- Collaborate with incident response teams on mobile endpoint incidents
It's a match if you have:
- 3+ years in IT Operations, System Administration, or related roles
- Experience in security threat analysis or incident response, ideally within a SOC
- Proven experience responding to and managing incidents in cloud environments (AWS, Azure, GCP) and SaaS services (Google Workspace, Atlassian)
- Proficiency with SIEM platforms, including rule creation, tuning, and maintenance
- Strong knowledge of cloud security monitoring tools and techniques
- Understanding of network infrastructure
- Experience analyzing endpoint, network, and application logs for anomalies
- Practical understanding of common attack vectors and how to detect them
- Experience with security automation and scripting for incident response workflows
- Understanding of IT system architecture, network design, and IT/change management processes
- Experience with virtualization technologies
- Familiarity with identity management
- Proficiency in platforms used for information security investigations and triage
Nice to have:
- Experience with cloud-native security tools and services
- Familiarity with scripting or automation (PowerShell, Bash, Python)
- Experience with endpoint detection solutions and email security technologies
- Knowledge of IT security audit techniques
What we offer:
- A competitive salary
- Remote work format or a modern office in Warsaw and/or Kyiv
- Flexible working hours
- An incredibly friendly team where everyone is ready to share knowledge, help, and support
- 24 working days of paid annual vacation
- Paid sick leave
- Health insurance (available for specialists based in Ukraine; other countries: in progress)
- Zero joules of energy to the aggressor state, its affiliated businesses, or partners
- Conference and business travel expenses covered (where applicable)
- Birthday greetings (because you matter!)
- Online and offline teambuilding events
- Corporate celebrations
Send over your CV now; we'd love to get to know you better!